Trojan.KillProc2.27767

Техническая информация

Вредоносные функции

Завершает или пытается завершить

следующие системные процессы:

%WINDIR%\explorer.exe
<SYSTEM32>\taskhost.exe
<SYSTEM32>\dwm.exe

следующие пользовательские процессы:

iexplore.exe
firefox.exe

Изменения в файловой системе

Создает следующие файлы

%WINDIR%y1s2fctrp3
%CommonProgramFiles%\microsoft shared\gzn4ud7e w6csjja14n1 nom72kl girls lzxyhb7k .rar.exe
%ProgramFiles%\dvd maker\shared\f07qtt h93bklf nom72kl apv53deiq9fw feet 779mipj (sarah).mpeg.exe
%ProgramFiles%\microsoft office\office14\groove\tooldata\groove.net\documentshare\8r3baiec h93bklf beast vjq39c1gwy .rar.exe
%ProgramFiles%\microsoft office\office14\groove\tooldata\groove.net\grooveforms\formstemplates\yzw1afy bq4kno glans (sandy,liz).rar.exe
%ProgramFiles%\microsoft office\office14\groove\xml files\space templates\mnho9y54 uncut 779mipj .avi.exe
%ProgramFiles%\microsoft office\templates\z9z7rwe ddqayq lpcu5ai3 [free] (dxocjwba).mpeg.exe
%ProgramFiles%\microsoft office\templates\1033\onenote\14\notebook templates\black 7nd83wovj nom72kl [milf] (jade).mpg.exe
%ProgramFiles%\windows journal\templates\nom72kl nom72kl hotel (sonja,liz).zip.exe
%ProgramFiles%\windows sidebar\shared gadgets\8r3baiec ddqayq vjq39c1gwy titts hotel .mpeg.exe
%ProgramFiles(x86)%\adobe\acrobat reader dc\reader\idtemplates\yzw1afy sgu4m7oc boots .mpeg.exe
%ProgramFiles(x86)%\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-sharepoint-files\f07qtt bd1l5ir gay ihthd33 fishy .avi.exe
%ProgramFiles(x86)%\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-sharepoint-files-select\fac71w2 porn epyxwn fw58kpr41ob1w .zip.exe
%CommonProgramFiles(x86)%\microsoft shared\horse nom72kl feet (dehod0,dxocjwba).mpeg.exe
%ProgramFiles(x86)%\microsoft visual studio 8\common7\ide\vsta\itemtemplates\z9z7rwe wep6b08 tsomq34 big mg9fvb2xk9 (36mho73,jade).avi.exe
%ProgramFiles(x86)%\windows sidebar\shared gadgets\s2fkave ddqayq beast ihthd33 titts (jenna,sarah).zip.exe
%ALLUSERSPROFILE%\microsoft\rac\temp\fac71w2 xakmpl yzw1afy big wifey .mpeg.exe
%ALLUSERSPROFILE%\microsoft\search\data\temp\eq7k2xcxt porn tsomq34 sgu4m7oc sweet .avi.exe
%ALLUSERSPROFILE%\microsoft\windows\start menu\programs\sharepoint\beast uncut titts (rdl1tfkz,c4w8hqa).zip.exe
%ALLUSERSPROFILE%\templates\mzwpstr8n big 8bgkvshe1 .zip.exe
%ALLUSERSPROFILE%\microsoft\rac\temp\f1i7cm ddqayq xxx girls titts lady (2hbt8wr).rar.exe
%ALLUSERSPROFILE%\microsoft\search\data\temp\tsomq34 apv53deiq9fw glans .mpg.exe
%ALLUSERSPROFILE%\microsoft\windows\start menu\programs\sharepoint\s2fkave h93bklf xxx uncut hole .avi.exe
%ALLUSERSPROFILE%\microsoft\windows\templates\upfgetx 8ok6yf xxx [milf] lady .zip.exe
%ALLUSERSPROFILE%\templates\f07qtt horse horse [bangbus] (c4w8hqa).zip.exe
C:\users\default\appdata\local\microsoft\windows\<INETFILES>\f07qtt nude [free] hole young .rar.exe
C:\users\default\appdata\local\<INETFILES>\black w6csjja14n1 nom72kl girls glans .avi.exe
C:\users\default\appdata\roaming\microsoft\windows\templates\8r3baiec cum gay big cock sgoibhh .mpeg.exe
C:\users\default\templates\beast epyxwn .mpg.exe
%LOCALAPPDATA%\microsoft\windows\<INETFILES>\nom72kl hot (!) hole js80j73 .mpg.exe
%TEMP%\fac71w2 cum mzwpstr8n uncut feet ash .avi.exe
%LOCALAPPDATA%\<INETFILES>\mzwpstr8n [milf] 50+ .avi.exe
%LOCALAPPDATA%low\mozilla\temp-{12c7f776-de07-4d8a-a6eb-93019fcb4f66}\f07qtt cum [free] glans balls (c4w8hqa).mpg.exe
%LOCALAPPDATA%low\mozilla\temp-{28060726-42ae-4e49-b300-93149d394ff5}\eq7k2xcxt wep6b08 mzwpstr8n girls cock .avi.exe
%LOCALAPPDATA%low\mozilla\temp-{bc1f1f78-2666-4310-aef7-f6fd5ba4bc43}\beast nom72kl hole .mpeg.exe
%APPDATA%\microsoft\templates\sperm l9hwcs7vvnphd9 fishy (36mho73,jade).avi.exe
%APPDATA%\microsoft\windows\templates\upfgetx h93bklf yzw1afy apv53deiq9fw cock (jenna,liz).mpeg.exe
%APPDATA%\mozilla\firefox\profiles\apc2n9d1.default-release\storage\temporary\xxx [bangbus] titts ol6p1tua .avi.exe
%APPDATA%\thunderbird\profiles\rehh7ft5.default-release\storage\temporary\mnho9y54 [milf] titts .zip.exe
%HOMEPATH%\templates\horse [free] 8bgkvshe1 .zip.exe
%WINDIR%\assembly\gac_32\microsoft.grouppolicy.admtmpleditor\ [milf] feet (sandy,jade).avi.exe
%WINDIR%\assembly\gac_32\microsoft.grouppolicy.admtmpleditor.resources\8r3baiec cum xxx sgu4m7oc feet mg9fvb2xk9 (karin).mpg.exe
%WINDIR%\assembly\gac_64\microsoft.grouppolicy.admtmpleditor\fac71w2 cum yzw1afy 7vepaqjm sgoibhh (gina,liz).zip.exe
%WINDIR%\assembly\gac_64\microsoft.grouppolicy.admtmpleditor.resources\yzw1afy ihthd33 glans zmc8ujp (2hbt8wr).zip.exe
%WINDIR%\assembly\gac_64\microsoft.sharepoint.businessdata.administration.client\horse [milf] hole .mpg.exe
%WINDIR%\assembly\gac_msil\microsoft.sharepoint.businessdata.administration.client.intl\gay sgu4m7oc titts lady (liz).rar.exe
%WINDIR%\assembly\nativeimages_v2.0.50727_32\temp\s2fkave w6csjja14n1 tsomq34 epyxwn b37oavmx289 .mpeg.exe
%WINDIR%\assembly\nativeimages_v2.0.50727_32\temp\zap9e41.tmp\yzw1afy epyxwn (y8oxsqa).zip.exe
%WINDIR%\assembly\nativeimages_v2.0.50727_64\temp\f07qtt ddqayq gay vjq39c1gwy feet ol6p1tua (jade).mpg.exe
%WINDIR%\assembly\nativeimages_v2.0.50727_64\temp\zap6b8e.tmp\sperm vjq39c1gwy b37oavmx289 .rar.exe
%WINDIR%\assembly\nativeimages_v2.0.50727_64\temp\zape291.tmp\beast epyxwn feet js80j73 (2hbt8wr).mpg.exe
%WINDIR%\assembly\nativeimages_v2.0.50727_64\temp\zape56e.tmp\f07qtt 8ok6yf horse vjq39c1gwy young .rar.exe
%WINDIR%\assembly\nativeimages_v4.0.30319_32\temp\8r3baiec nude lpcu5ai3 [bangbus] .mpeg.exe
%WINDIR%\assembly\nativeimages_v4.0.30319_64\temp\fac71w2 horse sperm [free] (sarah).mpeg.exe
%WINDIR%\assembly\temp\mnho9y54 sgu4m7oc js80j73 .rar.exe
%WINDIR%\assembly\tmp\ ihthd33 .zip.exe
%WINDIR%\microsoft.net\framework64\v4.0.30319\temporary asp.net files\yzw1afy uncut (jade).avi.exe
%WINDIR%\pla\templates\black ddqayq tsomq34 vjq39c1gwy rv0y8n .zip.exe
%WINDIR%\security\templates\z9z7rwe porn mnho9y54 sgu4m7oc qq6w54yfhtqrbwcslg .rar.exe
%WINDIR%\serviceprofiles\localservice\appdata\local\microsoft\windows\<INETFILES>\fac71w2 horse beast hot (!) titts girly (g6u8n4r).mpeg.exe
%WINDIR%\serviceprofiles\localservice\appdata\local\temp\horse [milf] mg9fvb2xk9 .mpg.exe
%WINDIR%\serviceprofiles\localservice\appdata\roaming\microsoft\windows\templates\beast ihthd33 .zip.exe
%WINDIR%\serviceprofiles\networkservice\appdata\local\microsoft\windows\<INETFILES>\mzwpstr8n sgu4m7oc cock b37oavmx289 (2hbt8wr).avi.exe
%WINDIR%\serviceprofiles\networkservice\appdata\local\temp\black horse horse uncut .rar.exe
%WINDIR%\syswow64\config\systemprofile\fac71w2 7nd83wovj lpcu5ai3 uncut qx2j1b5 .mpeg.exe
%WINDIR%\syswow64\config\systemprofile\appdata\local\microsoft\windows\<INETFILES>\yzw1afy apv53deiq9fw nrb42wq .avi.exe
%WINDIR%\syswow64\fxstmp\7nd83wovj horse ihthd33 shoes (dehod0,y8oxsqa).zip.exe
%WINDIR%\syswow64\ime\shared\tsomq34 [milf] .avi.exe
%WINDIR%\syswow64\config\systemprofile\fac71w2 horse hot (!) (cy4xpd).zip.exe
%WINDIR%\syswow64\config\systemprofile\appdata\local\microsoft\windows\<INETFILES>\mnho9y54 l9hwcs7vvnphd9 fishy .zip.exe
%WINDIR%\syswow64\fxstmp\nom72kl hot (!) .zip.exe
%WINDIR%\syswow64\ime\shared\fac71w2 bd1l5ir horse [free] hole 50+ .mpg.exe
%WINDIR%\temp\f07qtt bd1l5ir beast 7vepaqjm .rar.exe
%WINDIR%\winsxs\installtemp\h93bklf mzwpstr8n l9hwcs7vvnphd9 hole (36mho73,cy4xpd).avi.exe
<Текущая директория>\sqjaed7r1vnw
%CommonProgramFiles%\microsoft shared\8r3baiec h93bklf gay l9hwcs7vvnphd9 latex .mpeg.exe
%CommonProgramFiles%\microsoft shared\8r3baiec cum mzwpstr8n l9hwcs7vvnphd9 feet (36mho73,liz).mpg.exe
%ProgramFiles%\dvd maker\shared\black bd1l5ir nom72kl nom72kl mg9fvb2xk9 .zip.exe
%ProgramFiles%\dvd maker\shared\8r3baiec wep6b08 nom72kl [bangbus] glans .mpeg.exe
%ProgramFiles%\microsoft office\office14\groove\tooldata\groove.net\documentshare\tsomq34 sgu4m7oc zmc8ujp .mpeg.exe
%ProgramFiles%\microsoft office\office14\groove\tooldata\groove.net\grooveforms\formstemplates\xxx ihthd33 glans nmibe2 .zip.exe
%ProgramFiles%\microsoft office\office14\groove\tooldata\groove.net\documentshare\s2fkave 8ok6yf lpcu5ai3 apv53deiq9fw feet .rar.exe
%ProgramFiles%\microsoft office\office14\groove\tooldata\groove.net\grooveforms\formstemplates\f1i7cm 8ok6yf 7vepaqjm cock .mpg.exe
%ProgramFiles%\microsoft office\office14\groove\xml files\space templates\sperm [bangbus] feet young (dxocjwba).zip.exe
%ProgramFiles%\microsoft office\office14\groove\xml files\space templates\xxx bq4kno ae2sd7u4xh .mpeg.exe
%ProgramFiles%\microsoft office\templates\f1i7cm w6csjja14n1 mzwpstr8n hot (!) glans ejn547rbxhd1 .zip.exe
%ProgramFiles%\microsoft office\templates\eq7k2xcxt nude yzw1afy ihthd33 (sarah).rar.exe
%ProgramFiles%\microsoft office\templates\1033\onenote\14\notebook templates\lpcu5ai3 girls hairy .mpeg.exe
%ProgramFiles%\microsoft office\templates\1033\onenote\14\notebook templates\xxx 7vepaqjm hole rv0y8n (c4w8hqa).zip.exe
%ProgramFiles%\windows journal\templates\f07qtt w6csjja14n1 mzwpstr8n 7vepaqjm glans (hyo87il,y8oxsqa).mpeg.exe
%ProgramFiles%\windows journal\templates\upfgetx porn mnho9y54 vjq39c1gwy titts .mpeg.exe
%ProgramFiles%\windows sidebar\shared gadgets\f07qtt 8ok6yf vjq39c1gwy feet js80j73 (dxocjwba).mpeg.exe
%ProgramFiles%\windows sidebar\shared gadgets\f07qtt bd1l5ir horse sgu4m7oc (karin).zip.exe
%ProgramFiles(x86)%\adobe\acrobat reader dc\reader\idtemplates\black w6csjja14n1 mzwpstr8n bq4kno cock zn3tvn .zip.exe
%ProgramFiles(x86)%\adobe\acrobat reader dc\reader\idtemplates\ girls glans .rar.exe
%ProgramFiles(x86)%\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-sharepoint-files\s2fkave xakmpl nom72kl hot (!) shoes .mpeg.exe
%ProgramFiles(x86)%\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-sharepoint-files-select\upfgetx cum nom72kl hot (!) glans rv0y8n .mpg.exe
%CommonProgramFiles(x86)%\microsoft shared\z9z7rwe horse mnho9y54 7vepaqjm balls .avi.exe
%ProgramFiles(x86)%\microsoft visual studio 8\common7\ide\vsta\itemtemplates\lpcu5ai3 big ash .rar.exe
%ProgramFiles(x86)%\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-sharepoint-files\f1i7cm h93bklf tsomq34 bq4kno qq6w54yfhtqrbwcslg .rar.exe
%ProgramFiles(x86)%\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-sharepoint-files-select\z9z7rwe 7nd83wovj mzwpstr8n ihthd33 .mpeg.exe
%ProgramFiles(x86)%\windows sidebar\shared gadgets\xxx ihthd33 glans ash .mpeg.exe
%ALLUSERSPROFILE%\microsoft\rac\temp\f1i7cm bd1l5ir lpcu5ai3 vjq39c1gwy 40+ .zip.exe
%CommonProgramFiles(x86)%\microsoft shared\f07qtt h93bklf xxx l9hwcs7vvnphd9 fw58kpr41ob1w .mpg.exe
%ALLUSERSPROFILE%\microsoft\search\data\temp\black 8ok6yf tsomq34 [free] sm .mpeg.exe
%ALLUSERSPROFILE%\microsoft\windows\start menu\programs\sharepoint\tsomq34 nom72kl 6tl9zg0uqa .mpeg.exe
%ALLUSERSPROFILE%\microsoft\windows\templates\gay 7vepaqjm ae2sd7u4xh .rar.exe
%ProgramFiles(x86)%\microsoft visual studio 8\common7\ide\vsta\itemtemplates\8r3baiec porn sperm apv53deiq9fw titts lady (y8oxsqa).avi.exe
%ALLUSERSPROFILE%\templates\f07qtt bd1l5ir lpcu5ai3 [bangbus] feet 6tl9zg0uqa (liz).avi.exe
%ProgramFiles(x86)%\windows sidebar\shared gadgets\gzn4ud7e nude nom72kl [bangbus] glans .mpg.exe
%ALLUSERSPROFILE%\microsoft\rac\temp\mzwpstr8n uncut titts sweet .mpeg.exe
%ALLUSERSPROFILE%\microsoft\rac\temp\nom72kl bq4kno titts zmc8ujp .rar.exe
%ALLUSERSPROFILE%\microsoft\search\data\temp\ uncut glans boots .zip.exe
%ALLUSERSPROFILE%\microsoft\search\data\temp\gzn4ud7e horse beast [bangbus] glans .zip.exe
%ALLUSERSPROFILE%\microsoft\windows\start menu\programs\sharepoint\black cum big gh5b6gd7wrv (hyo87il,sarah).zip.exe
%ALLUSERSPROFILE%\microsoft\windows\start menu\programs\sharepoint\s2fkave h93bklf tsomq34 nom72kl js80j73 (dehod0,cy4xpd).mpeg.exe
%ALLUSERSPROFILE%\microsoft\windows\templates\lpcu5ai3 [free] titts .zip.exe
%ALLUSERSPROFILE%\templates\yzw1afy [milf] titts balls (2hbt8wr).rar.exe
%ALLUSERSPROFILE%\microsoft\windows\templates\horse uncut glans lzxyhb7k (y8oxsqa).rar.exe
%ALLUSERSPROFILE%\microsoft\rac\temp\z9z7rwe nude xxx [free] 40+ .avi.exe
%ALLUSERSPROFILE%\microsoft\search\data\temp\mnho9y54 l9hwcs7vvnphd9 b37oavmx289 (rdl1tfkz,g6u8n4r).mpg.exe
%ALLUSERSPROFILE%\templates\fac71w2 ddqayq gay girls latex .mpg.exe
%ALLUSERSPROFILE%\microsoft\windows\start menu\programs\sharepoint\mnho9y54 sgu4m7oc (sarah).rar.exe
C:\users\default\appdata\local\microsoft\windows\<INETFILES>\f07qtt cum nom72kl ihthd33 ae2sd7u4xh .rar.exe
%ALLUSERSPROFILE%\microsoft\windows\templates\eq7k2xcxt cum tsomq34 girls .mpg.exe
C:\users\default\appdata\local\temp\xxx vjq39c1gwy b37oavmx289 .mpg.exe
%ALLUSERSPROFILE%\templates\yzw1afy apv53deiq9fw .zip.exe
C:\users\default\appdata\local\microsoft\windows\<INETFILES>\eq7k2xcxt nude tsomq34 nom72kl (cy4xpd).rar.exe
C:\users\default\appdata\local\temp\f1i7cm ddqayq xxx [bangbus] (karin).rar.exe
C:\users\default\appdata\local\<INETFILES>\gay l9hwcs7vvnphd9 (dxocjwba).mpeg.exe
C:\users\default\appdata\local\<INETFILES>\black cum nom72kl hot (!) .mpg.exe
C:\users\default\appdata\roaming\microsoft\windows\templates\mzwpstr8n epyxwn (2hbt8wr).mpg.exe
C:\users\default\appdata\roaming\microsoft\windows\templates\xxx bq4kno .avi.exe
C:\users\default\templates\lpcu5ai3 uncut b37oavmx289 (sonja,y8oxsqa).mpeg.exe
C:\users\default\templates\8r3baiec nude girls glans .mpeg.exe
%LOCALAPPDATA%\microsoft\windows\<INETFILES>\black h93bklf tsomq34 uncut (c4w8hqa).avi.exe
%LOCALAPPDATA%\microsoft\windows\<INETFILES>\nom72kl apv53deiq9fw .avi.exe
%TEMP%\mzwpstr8n bq4kno 8pfmdyy (hyo87il,c4w8hqa).zip.exe
%TEMP%\gay uncut titts ae2sd7u4xh (karin).zip.exe
%LOCALAPPDATA%\<INETFILES>\gzn4ud7e 8ok6yf mnho9y54 uncut latex (sandy,2hbt8wr).mpg.exe
%LOCALAPPDATA%low\mozilla\temp-{12c7f776-de07-4d8a-a6eb-93019fcb4f66}\f1i7cm 7nd83wovj horse vjq39c1gwy .mpg.exe
%LOCALAPPDATA%low\mozilla\temp-{28060726-42ae-4e49-b300-93149d394ff5}\eq7k2xcxt h93bklf nom72kl nom72kl glans sm (y8oxsqa).zip.exe
%LOCALAPPDATA%\<INETFILES>\beast 7vepaqjm 6tl9zg0uqa .mpg.exe
%LOCALAPPDATA%low\mozilla\temp-{bc1f1f78-2666-4310-aef7-f6fd5ba4bc43}\xxx uncut glans .zip.exe
%LOCALAPPDATA%low\mozilla\temp-{12c7f776-de07-4d8a-a6eb-93019fcb4f66}\gzn4ud7e porn mnho9y54 uncut 8bgkvshe1 .mpg.exe
%LOCALAPPDATA%low\mozilla\temp-{28060726-42ae-4e49-b300-93149d394ff5}\gzn4ud7e horse gay apv53deiq9fw zn3tvn .mpeg.exe
%LOCALAPPDATA%low\mozilla\temp-{bc1f1f78-2666-4310-aef7-f6fd5ba4bc43}\yzw1afy hot (!) lady .avi.exe
%APPDATA%\microsoft\templates\mnho9y54 hot (!) glans balls (g6u8n4r).zip.exe
%APPDATA%\microsoft\windows\templates\f07qtt ddqayq lpcu5ai3 sgu4m7oc glans .mpeg.exe
%APPDATA%\microsoft\templates\upfgetx w6csjja14n1 xxx hot (!) hole girly .avi.exe
%APPDATA%\microsoft\windows\templates\black h93bklf mzwpstr8n sgu4m7oc .avi.exe
%APPDATA%\mozilla\firefox\profiles\apc2n9d1.default-release\storage\temporary\mzwpstr8n 7vepaqjm hole (sandy,liz).rar.exe
%APPDATA%\mozilla\firefox\profiles\apc2n9d1.default-release\storage\temporary\nom72kl [free] .mpeg.exe
%APPDATA%\thunderbird\profiles\rehh7ft5.default-release\storage\temporary\z9z7rwe ddqayq xxx uncut ae2sd7u4xh .avi.exe
%APPDATA%\thunderbird\profiles\rehh7ft5.default-release\storage\temporary\gay epyxwn .rar.exe
%HOMEPATH%\templates\8r3baiec 7nd83wovj gay nom72kl glans .mpg.exe
%HOMEPATH%\templates\eq7k2xcxt w6csjja14n1 sperm [bangbus] titts b37oavmx289 .mpeg.exe
%WINDIR%\assembly\gac_32\microsoft.grouppolicy.admtmpleditor\black bd1l5ir horse vjq39c1gwy (g6u8n4r).mpg.exe
%WINDIR%\assembly\gac_32\microsoft.grouppolicy.admtmpleditor.resources\z9z7rwe bd1l5ir nom72kl apv53deiq9fw (jade).rar.exe
%WINDIR%\assembly\gac_32\microsoft.grouppolicy.admtmpleditor\f07qtt 7nd83wovj gay ihthd33 feet 50+ .zip.exe
%WINDIR%\assembly\gac_64\microsoft.grouppolicy.admtmpleditor\8r3baiec cum xxx girls 50+ .mpg.exe
%WINDIR%\assembly\gac_32\microsoft.grouppolicy.admtmpleditor.resources\gay girls titts b37oavmx289 .avi.exe
%WINDIR%\assembly\gac_64\microsoft.grouppolicy.admtmpleditor.resources\gzn4ud7e bd1l5ir xxx nom72kl .mpg.exe
%WINDIR%\assembly\gac_64\microsoft.grouppolicy.admtmpleditor\lpcu5ai3 ihthd33 .avi.exe
%WINDIR%\assembly\gac_64\microsoft.grouppolicy.admtmpleditor.resources\f1i7cm 8ok6yf xxx hot (!) 779mipj (sonja,liz).avi.exe
%WINDIR%\assembly\gac_64\microsoft.sharepoint.businessdata.administration.client\gay sgu4m7oc lzxyhb7k (haj1oyikd,liz).rar.exe
%WINDIR%\assembly\gac_64\microsoft.sharepoint.businessdata.administration.client\beast [bangbus] zn3tvn .mpeg.exe
%WINDIR%\assembly\gac_msil\microsoft.sharepoint.businessdata.administration.client.intl\eq7k2xcxt bd1l5ir mnho9y54 bq4kno .rar.exe
%WINDIR%\assembly\gac_msil\microsoft.sharepoint.businessdata.administration.client.intl\mzwpstr8n uncut 40+ (haj1oyikd,sarah).zip.exe
%WINDIR%\assembly\nativeimages_v2.0.50727_32\temp\8r3baiec wep6b08 tsomq34 sgu4m7oc titts (36mho73,g6u8n4r).zip.exe
%WINDIR%\assembly\nativeimages_v2.0.50727_32\temp\mzwpstr8n big .rar.exe
%WINDIR%\assembly\nativeimages_v2.0.50727_32\temp\zap9e41.tmp\f07qtt horse yzw1afy hot (!) cock .mpg.exe
%WINDIR%\assembly\nativeimages_v2.0.50727_32\temp\zap9e41.tmp\eq7k2xcxt horse gay ihthd33 latex .mpeg.exe
%WINDIR%\assembly\nativeimages_v2.0.50727_64\temp\8r3baiec 7nd83wovj yzw1afy [bangbus] feet 50+ .avi.exe
%WINDIR%\assembly\nativeimages_v2.0.50727_64\temp\z9z7rwe 7nd83wovj nom72kl nom72kl b37oavmx289 .avi.exe
%WINDIR%\assembly\nativeimages_v2.0.50727_64\temp\zap6b8e.tmp\8r3baiec w6csjja14n1 yzw1afy nom72kl cock .mpeg.exe
%WINDIR%\assembly\nativeimages_v2.0.50727_64\temp\zape291.tmp\ apv53deiq9fw hole lzxyhb7k .zip.exe
%WINDIR%\assembly\nativeimages_v2.0.50727_64\temp\zap6b8e.tmp\s2fkave xakmpl xxx [milf] feet shoes .mpeg.exe
%WINDIR%\assembly\nativeimages_v2.0.50727_64\temp\zape56e.tmp\8ok6yf lpcu5ai3 girls cock .mpg.exe
%WINDIR%\assembly\nativeimages_v2.0.50727_64\temp\zape56e.tmp\gzn4ud7e 8ok6yf nom72kl 7vepaqjm .rar.exe
%WINDIR%\assembly\nativeimages_v4.0.30319_32\temp\xxx [bangbus] hole sweet (c4w8hqa).zip.exe
%WINDIR%\assembly\nativeimages_v4.0.30319_32\temp\f1i7cm cum gay epyxwn .rar.exe
%WINDIR%\assembly\nativeimages_v4.0.30319_64\temp\mnho9y54 apv53deiq9fw hole hotel .avi.exe
%WINDIR%\assembly\nativeimages_v4.0.30319_64\temp\fac71w2 cum gay nom72kl (jade).zip.exe
%WINDIR%\assembly\temp\sperm [bangbus] .avi.exe
%WINDIR%\assembly\temp\mnho9y54 apv53deiq9fw .zip.exe
%WINDIR%\assembly\tmp\f07qtt xakmpl xxx [milf] feet ejn547rbxhd1 .mpg.exe
%WINDIR%\assembly\tmp\black wep6b08 yzw1afy hot (!) .zip.exe
%WINDIR%\microsoft.net\framework\v4.0.30319\temporary asp.net files\tsomq34 apv53deiq9fw 8pfmdyy (hyo87il,c4w8hqa).zip.exe
%WINDIR%\microsoft.net\framework\v4.0.30319\temporary asp.net files\f07qtt horse xxx uncut titts .mpeg.exe
%WINDIR%\microsoft.net\framework64\v4.0.30319\temporary asp.net files\fac71w2 horse yzw1afy l9hwcs7vvnphd9 hole .avi.exe
%WINDIR%\microsoft.net\framework64\v4.0.30319\temporary asp.net files\gzn4ud7e horse [free] .mpg.exe
%WINDIR%\pla\templates\upfgetx 7nd83wovj yzw1afy epyxwn glans lzxyhb7k .mpeg.exe
%WINDIR%\pla\templates\f1i7cm nude mnho9y54 nom72kl titts wifey .zip.exe
%WINDIR%\security\templates\black h93bklf nom72kl 7vepaqjm titts .avi.exe
%WINDIR%\security\templates\xxx [free] (c4w8hqa).rar.exe
%WINDIR%\serviceprofiles\localservice\appdata\local\microsoft\windows\<INETFILES>\gay [milf] hole qq6w54yfhtqrbwcslg .mpg.exe
%WINDIR%\serviceprofiles\localservice\appdata\local\temp\mzwpstr8n [bangbus] young .avi.exe
%WINDIR%\serviceprofiles\localservice\appdata\local\microsoft\windows\<INETFILES>\f07qtt bd1l5ir yzw1afy ihthd33 mg9fvb2xk9 (rdl1tfkz,y8oxsqa).zip.exe
%WINDIR%\serviceprofiles\localservice\appdata\roaming\microsoft\windows\templates\mzwpstr8n uncut 50+ .mpg.exe
%WINDIR%\serviceprofiles\localservice\appdata\local\temp\z9z7rwe bd1l5ir yzw1afy l9hwcs7vvnphd9 titts .rar.exe
%WINDIR%\serviceprofiles\networkservice\appdata\local\microsoft\windows\<INETFILES>\black 8ok6yf nom72kl big nmibe2 .mpg.exe
%WINDIR%\serviceprofiles\localservice\appdata\roaming\microsoft\windows\templates\xxx ihthd33 titts lzxyhb7k .mpg.exe
%WINDIR%\serviceprofiles\networkservice\appdata\local\temp\tsomq34 bq4kno feet 40+ (karin).avi.exe
%WINDIR%\serviceprofiles\networkservice\appdata\local\microsoft\windows\<INETFILES>\fac71w2 ddqayq beast sgu4m7oc feet qq6w54yfhtqrbwcslg (g6u8n4r).zip.exe
%WINDIR%\serviceprofiles\networkservice\appdata\local\temp\gzn4ud7e 7nd83wovj gay big .mpeg.exe
%WINDIR%\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\templates\z9z7rwe 7nd83wovj lpcu5ai3 sgu4m7oc glans fishy (liz).mpeg.exe
%WINDIR%\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\templates\f1i7cm porn nom72kl [milf] titts fishy .rar.exe
%WINDIR%\syswow64\config\systemprofile\f1i7cm w6csjja14n1 mzwpstr8n vjq39c1gwy hole .mpeg.exe
%WINDIR%\syswow64\config\systemprofile\appdata\local\microsoft\windows\<INETFILES>\eq7k2xcxt 7nd83wovj xxx vjq39c1gwy ejn547rbxhd1 .mpg.exe
%WINDIR%\syswow64\config\systemprofile\f1i7cm bd1l5ir sperm hot (!) latex .zip.exe
%WINDIR%\syswow64\config\systemprofile\appdata\local\microsoft\windows\<INETFILES>\yzw1afy uncut glans boots .avi.exe
%WINDIR%\syswow64\fxstmp\viaz50 mzwpstr8n apv53deiq9fw .rar.exe
%WINDIR%\syswow64\fxstmp\eq7k2xcxt cum tsomq34 7vepaqjm nmibe2 .zip.exe
%WINDIR%\syswow64\ime\shared\ bq4kno ol6p1tua .avi.exe
%WINDIR%\syswow64\ime\shared\ apv53deiq9fw ae2sd7u4xh .avi.exe
%WINDIR%\syswow64\config\systemprofile\eq7k2xcxt nude yzw1afy big glans girly .mpeg.exe
%WINDIR%\syswow64\config\systemprofile\gzn4ud7e w6csjja14n1 tsomq34 ihthd33 .avi.exe
%WINDIR%\syswow64\config\systemprofile\appdata\local\microsoft\windows\<INETFILES>\black horse lpcu5ai3 hot (!) fishy .mpeg.exe
%WINDIR%\syswow64\config\systemprofile\appdata\local\microsoft\windows\<INETFILES>\mnho9y54 l9hwcs7vvnphd9 ejn547rbxhd1 .mpeg.exe
%WINDIR%\syswow64\fxstmp\eq7k2xcxt nude gay apv53deiq9fw mg9fvb2xk9 .zip.exe
%WINDIR%\syswow64\ime\shared\s2fkave xakmpl sperm [bangbus] (g6u8n4r).rar.exe
%WINDIR%\syswow64\ime\shared\f1i7cm cum nom72kl uncut 6tl9zg0uqa .mpg.exe
%WINDIR%\temp\xxx vjq39c1gwy titts .mpg.exe
%WINDIR%\temp\mnho9y54 bq4kno .rar.exe
%WINDIR%\winsxs\installtemp\z1qxwcd lpcu5ai3 vjq39c1gwy .avi.exe
%WINDIR%\winsxs\installtemp\f07qtt ddqayq tsomq34 bq4kno titts .rar.exe
%CommonProgramFiles%\microsoft shared\black 8ok6yf sperm [free] lzxyhb7k (jenna,cy4xpd).avi.exe
%CommonProgramFiles%\microsoft shared\s2fkave ddqayq nom72kl hot (!) titts girly (sarah).zip.exe
%ProgramFiles%\dvd maker\shared\s2fkave ddqayq big glans .avi.exe
%ProgramFiles%\dvd maker\shared\black wep6b08 gay l9hwcs7vvnphd9 ash .zip.exe
%ProgramFiles%\microsoft office\office14\groove\tooldata\groove.net\documentshare\lpcu5ai3 uncut glans young .mpeg.exe
%ProgramFiles%\microsoft office\office14\groove\tooldata\groove.net\documentshare\fac71w2 w6csjja14n1 horse nom72kl sgoibhh .avi.exe
%ProgramFiles%\microsoft office\office14\groove\tooldata\groove.net\grooveforms\formstemplates\z9z7rwe h93bklf tsomq34 girls cock qx2j1b5 (y8oxsqa).rar.exe
%ProgramFiles%\microsoft office\office14\groove\tooldata\groove.net\grooveforms\formstemplates\sperm nom72kl titts .mpeg.exe
%ProgramFiles%\microsoft office\office14\groove\xml files\space templates\beast ihthd33 .mpeg.exe
%ProgramFiles%\microsoft office\templates\eq7k2xcxt 8ok6yf bq4kno hole .zip.exe
%ProgramFiles%\microsoft office\office14\groove\xml files\space templates\fac71w2 7nd83wovj epyxwn qq6w54yfhtqrbwcslg .mpg.exe
%ProgramFiles%\microsoft office\templates\1033\onenote\14\notebook templates\porn mnho9y54 ihthd33 cock (haj1oyikd,liz).mpeg.exe
%ProgramFiles%\windows journal\templates\mzwpstr8n apv53deiq9fw 40+ .avi.exe
%ProgramFiles%\windows journal\templates\eq7k2xcxt 8ok6yf yzw1afy vjq39c1gwy feet mg9fvb2xk9 .avi.exe
%ProgramFiles%\windows sidebar\shared gadgets\black h93bklf mnho9y54 vjq39c1gwy young .zip.exe
%ProgramFiles(x86)%\adobe\acrobat reader dc\reader\idtemplates\eq7k2xcxt w6csjja14n1 horse big nmibe2 .mpeg.exe
%ProgramFiles%\windows sidebar\shared gadgets\s2fkave xakmpl mzwpstr8n [free] (sarah).avi.exe
%ProgramFiles(x86)%\adobe\acrobat reader dc\reader\idtemplates\f1i7cm w6csjja14n1 xxx girls hairy .avi.exe
%ProgramFiles(x86)%\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-sharepoint-files\black 8ok6yf tsomq34 7vepaqjm balls .rar.exe
%ProgramFiles(x86)%\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-sharepoint-files\yzw1afy girls 779mipj .mpeg.exe
%ProgramFiles(x86)%\adobe\acrobat reader dc\reader\webresources\resource0\static\js\plugins\my-sharepoint-files-select\nom72kl sgu4m7oc feet .zip.exe
%CommonProgramFiles(x86)%\microsoft shared\wpjwijv lpcu5ai3 [bangbus] titts 8bgkvshe1 .avi.exe
%CommonProgramFiles(x86)%\microsoft shared\mnho9y54 l9hwcs7vvnphd9 sm .mpeg.exe
%ProgramFiles(x86)%\microsoft visual studio 8\common7\ide\vsta\itemtemplates\lpcu5ai3 ihthd33 titts .rar.exe
%ProgramFiles(x86)%\windows sidebar\shared gadgets\8r3baiec xakmpl lpcu5ai3 7vepaqjm titts qx2j1b5 .rar.exe
%ProgramFiles(x86)%\microsoft visual studio 8\common7\ide\vsta\itemtemplates\beast nom72kl ejn547rbxhd1 (rdl1tfkz,karin).mpeg.exe
%ALLUSERSPROFILE%\microsoft\rac\temp\black h93bklf lpcu5ai3 uncut ejn547rbxhd1 .mpeg.exe
%ProgramFiles(x86)%\windows sidebar\shared gadgets\gzn4ud7e h93bklf mzwpstr8n epyxwn feet .avi.exe
%ALLUSERSPROFILE%\microsoft\search\data\temp\upfgetx ddqayq lpcu5ai3 apv53deiq9fw glans .zip.exe
%ALLUSERSPROFILE%\microsoft\windows\start menu\programs\sharepoint\s2fkave cum lpcu5ai3 epyxwn cock hairy (c4w8hqa).zip.exe
%ALLUSERSPROFILE%\microsoft\rac\temp\gay epyxwn glans .mpg.exe
%ALLUSERSPROFILE%\microsoft\search\data\temp\fac71w2 7nd83wovj mzwpstr8n hot (!) titts (sandy,liz).avi.exe
%ALLUSERSPROFILE%\microsoft\windows\start menu\programs\sharepoint\gzn4ud7e bd1l5ir xxx ihthd33 hole sweet .mpeg.exe
%ALLUSERSPROFILE%\microsoft\windows\templates\gay nom72kl glans ae2sd7u4xh .rar.exe
%ALLUSERSPROFILE%\templates\gay [free] 40+ .avi.exe
%ALLUSERSPROFILE%\microsoft\windows\templates\eq7k2xcxt bd1l5ir nom72kl [free] .zip.exe
%ALLUSERSPROFILE%\microsoft\rac\temp\upfgetx 7nd83wovj gay girls lady .mpg.exe
%ALLUSERSPROFILE%\templates\sperm l9hwcs7vvnphd9 glans young .mpg.exe
%ALLUSERSPROFILE%\microsoft\search\data\temp\horse vjq39c1gwy feet qx2j1b5 .mpg.exe
%ALLUSERSPROFILE%\microsoft\windows\start menu\programs\sharepoint\ big glans zn3tvn (dxocjwba).avi.exe
%ALLUSERSPROFILE%\microsoft\windows\templates\gay apv53deiq9fw titts (jenna,2hbt8wr).mpeg.exe
%ALLUSERSPROFILE%\microsoft\rac\temp\mzwpstr8n bq4kno hole .rar.exe
%ALLUSERSPROFILE%\microsoft\search\data\temp\s2fkave xakmpl xxx uncut glans hairy .rar.exe
%ALLUSERSPROFILE%\templates\f1i7cm cum tsomq34 big .mpg.exe
C:\users\default\appdata\local\microsoft\windows\<INETFILES>\z9z7rwe cum sperm apv53deiq9fw hole 779mipj .rar.exe
%ALLUSERSPROFILE%\microsoft\windows\start menu\programs\sharepoint\eq7k2xcxt horse lpcu5ai3 apv53deiq9fw cock (haj1oyikd,y8oxsqa).avi.exe
C:\users\default\appdata\local\temp\z9z7rwe wep6b08 xxx epyxwn titts 8pfmdyy .zip.exe
%ALLUSERSPROFILE%\microsoft\windows\templates\eq7k2xcxt porn beast sgu4m7oc hole .mpg.exe
C:\users\default\appdata\local\<INETFILES>\f07qtt porn mnho9y54 [free] .mpeg.exe
C:\users\default\appdata\roaming\microsoft\windows\templates\8r3baiec horse sperm uncut cock .rar.exe
C:\users\default\templates\f07qtt h93bklf yzw1afy [milf] glans ae2sd7u4xh (karin).zip.exe
%ALLUSERSPROFILE%\templates\f1i7cm bd1l5ir xxx nom72kl cock .mpg.exe
C:\users\default\appdata\local\microsoft\windows\<INETFILES>\s2fkave horse tsomq34 ihthd33 feet (36mho73,y8oxsqa).avi.exe
C:\users\default\appdata\local\temp\mzwpstr8n [milf] .zip.exe
C:\users\default\appdata\local\<INETFILES>\mnho9y54 uncut .zip.exe
C:\users\default\appdata\roaming\microsoft\windows\templates\fac71w2 horse xxx nom72kl 779mipj .zip.exe
C:\users\default\templates\yzw1afy ihthd33 (2hbt8wr).mpg.exe
%LOCALAPPDATA%\microsoft\windows\<INETFILES>\sperm uncut .mpeg.exe
%TEMP%\ bq4kno glans boots .zip.exe
%LOCALAPPDATA%\<INETFILES>\upfgetx h93bklf lpcu5ai3 [milf] lzxyhb7k .avi.exe
%LOCALAPPDATA%low\mozilla\temp-{12c7f776-de07-4d8a-a6eb-93019fcb4f66}\s2fkave horse sperm hot (!) girly (36mho73,g6u8n4r).avi.exe

Сетевая активность

TCP

Другие

'34.##9.100.209':443

Другое

Ищет следующие окна

ClassName: 'Progman' WindowName: ''
ClassName: 'Proxy Desktop' WindowName: ''

Перезапускает анализируемый образец

Запускает на исполнение

'%WINDIR%\explorer.exe'

Технологии

Термины

Обучение и просвещение

Мифы

Техническая информация

Рекомендации по лечению

Демо бесплатно на 14 дней