UDS:DangerousObject.Multi.Generic

UDS:DangerousObject.Multi.Generic Description

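UDS:DangerousObject.Multi.Generic is a malware threat that is usually found in several locations at once on a compromised PC. The location most frequently reported for UDS:DangerousObject.Multi.Generic is "Documents and Settings", which is usually a component of the C drive. Many security applications have difficulty finding UDS:DangerousObject.Multi.Generic and uninstalling it from the affected computer. A detection of UDS:DangerousObject.Multi.Generic can only be added to exclusions, ignored, or used to browse to the location that contains the item, or it may produce a description of the threat. The PC user is either taken to an empty folder or is unable to access the object.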

Aliases: JS.Downloader.BSO [Ikarus], VBS/Dldr.Rowm.A, VBS.Siggen.7444 [DrWeb], UnclassifiedMalware [Comodo], Script.Trojan.Suspic.Pdcl, Trojan.Script.Siggen.degalj, Trojan.Script.Suspic.gen [Kaspersky], Script.Trojan.Agent.FZPT9I [GData], Win.Worm.Agent-4608 [ClamAV], JS:Downloader-BSP [Trj] [Avast], VBS/Agent.NCO, VBS.Downloader.Trojan [Symantec], Trojan.MSIL.Agent.QOJ, MSIL/Agent.QOJ!tr [Fortinet], Trojan/Win32.Agent [AhnLab-V3].

Technical Information

File System Details

UDS:DangerousObject.Multi.Generic creates the following files:

Registry Details

UDS:DangerousObject.Multi.Generic creates the following registry entries:

Site Disclaimer

Enigmasoftware.com is not associated with, affiliated with, sponsored by or owned by the malware creators or distributors mentioned in this article. This article should NOT be mistaken for, or confused as being associated in any way with, the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or the manual removal instructions provided in this article.

This article is provided "as is" and is to be used for educational information purposes only. By following any instructions in this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.
