Защити созданное

Другие наши ресурсы

  • free.drweb.kz — бесплатные утилиты, плагины, информеры
  • av-desk.com — интернет-сервис для поставщиков услуг Dr.Web AV-Desk
  • curenet.drweb.kz — сетевая лечащая утилита Dr.Web CureNet!
Закрыть

Библиотека
Моя библиотека

Чтобы добавить ресурс в библиотеку, войдите в аккаунт.

+ Добавить в библиотеку

Ресурсов: -

Последний: -

Моя библиотека

Поиск
Поиск

Поиск

Поддержка
Круглосуточная поддержка | Правила обращения

Напишите

Запрос через форму

Позвоните

Глобальная поддержка:
+7 (495) 789-45-86

ЧаВо | Форум

Ваши запросы

  • Все: -
  • Незакрытые: -
  • Последний: -
Создать новый запрос Частые вопросы

Позвоните

Глобальная поддержка:
+7 (495) 789-45-86

Свяжитесь с нами Незакрытые запросы: 

Профиль

Профиль

KZ

RU CN DE EN ES FR IT JP KZ UZ PL BY
Закрыть
Сервисы
Сканеры
Dr.Web vxCube
Демо
Экспертиза ВКИ
Вирусная библиотека
База знаний

Технологии

Термины

Обучение и просвещение

Мифы

Новости

Trojan.DownLoader45.23111

Добавлен в вирусную базу Dr.Web: 2022-10-07

Описание добавлено:

Technical Information

Modifies file system
Creates the following files
  • %TEMP%\is-n4cn3.tmp\is-otuff.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\is-8eakj.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\is-eun5v.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\is-kc213.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\is-s3sts.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\is-g22o1.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\is-3e4e4.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\is-7qi9g.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\is-0qsov.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\is-ufbsq.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\is-h0lbr.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\is-oiakd.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\is-q80cg.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\is-qse76.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\is-ul0nt.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\is-0v83l.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\is-bmk7f.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\is-49l2v.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\is-58jel.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\is-vqcau.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\is-23bm2.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-9012r.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-1a4uu.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-9dimm.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-k635j.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-t5o9f.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-punr2.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-h7ba6.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-5b2af.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-bc1a4.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\is-gv41t.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\is-17b3h.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\is-lpdrp.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\is-0p16a.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\is-na5ha.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\is-3tlne.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\is-cbj2a.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\is-nvuf1.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\is-0vano.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\is-rsvv1.tmp
  • %ProgramFiles(x86)%\universal extractor\uniextract.exe
  • %ProgramFiles(x86)%\universal extractor\bin\is-njraa.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\unp\is-let4e.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\unp\is-ogs7b.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\unp\is-dde35.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\unp\is-9evge.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\unp\is-lumu3.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\unp\is-l8lqn.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\unp\is-qpeff.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\unp\is-ich33.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\unp\is-s3931.tmp
  • %ProgramFiles(x86)%\universal extractor\is-jb5jf.tmp
  • %ProgramFiles(x86)%\universal extractor\is-38fdr.tmp
  • %ProgramFiles(x86)%\universal extractor\is-5q2bt.tmp
  • %ProgramFiles(x86)%\universal extractor\is-hfi5e.tmp
  • %ProgramFiles(x86)%\universal extractor\is-epulc.tmp
  • %ProgramFiles(x86)%\universal extractor\unins000.dat
  • %ProgramFiles(x86)%\universal extractor\bin\unp\is-nldap.tmp
  • %ProgramFiles(x86)%\universal extractor\is-6nu8r.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\unp\is-1p0pj.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\is-p7af3.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\is-3gid1.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\is-rdnmd.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\is-5gl1v.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\is-r16c3.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\is-8ltfr.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\is-t0rot.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\is-o6glg.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\is-c4kgo.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\is-i8u7u.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\is-noom6.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\is-j0o2c.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\is-09o42.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\is-4f3lo.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\is-aktsf.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\is-ivb5a.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\is-h58lp.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\is-i8bt9.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\is-rma3m.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-his88.tmp
  • %ProgramFiles(x86)%\universal extractor\bin\is-i1kqd.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-nmljs.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-b8qvd.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-4h3kg.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-cg73u.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-n40fa.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-46evg.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-ofe4o.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-b8348.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-o6qhf.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-c7v38.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-ubhru.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-fnla9.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-pdol2.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-1jtq8.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-p060f.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-kkuso.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-1nisf.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-c80lj.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-lpc65.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-uetmi.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-omthk.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-s3603.tmp
  • %TEMP%\is-e02d1.tmp\_isetup\_shfoldr.dll
  • %TEMP%\is-e02d1.tmp\_iscrypt.dll
  • %ProgramFiles(x86)%\universal extractor\is-fn73j.tmp
  • %ProgramFiles(x86)%\universal extractor\is-5ov6n.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-e22hh.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-jkhfr.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-6prgl.tmp
  • %TEMP%\is-e02d1.tmp\_isetup\_setup64.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-nii30.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-5lbp2.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-jl4dm.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-ptpv2.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-3ch98.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-o27sc.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-0jatc.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-o8s8k.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-mr15v.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-v4km8.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-eskme.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-2e8p0.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-rb0ns.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-19npq.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-rkdqm.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-1ajeb.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-2kcst.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-f072t.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-m6oj7.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-n48a2.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-flp4f.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-dr0vv.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-67kto.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-9emrl.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-8qtld.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-ngpbf.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-snc41.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-o8ri5.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-6577v.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-j0rp7.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-2ubee.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-fn435.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-j8riu.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-tevin.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-j0l62.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-68ih2.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-bg3r6.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-4gre6.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-13ued.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-fpmlo.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-r1u6a.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-b45pm.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-kj467.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-nc7nn.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-vd0qf.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-gkb0i.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-ta5o6.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-2eqcm.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-a1kab.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-mk79i.tmp
  • %ProgramFiles(x86)%\universal extractor\docs\is-rnise.tmp
  • %TEMP%\jdegg.txt
Moves the following files
  • from %ProgramFiles(x86)%\universal extractor\is-fn73j.tmp to %ProgramFiles(x86)%\universal extractor\unins000.exe
  • from %ProgramFiles(x86)%\universal extractor\bin\is-eun5v.tmp to %ProgramFiles(x86)%\universal extractor\bin\e_wise_w.exe
  • from %ProgramFiles(x86)%\universal extractor\bin\is-kc213.tmp to %ProgramFiles(x86)%\universal extractor\bin\forcelibrary.dll
  • from %ProgramFiles(x86)%\universal extractor\bin\is-s3sts.tmp to %ProgramFiles(x86)%\universal extractor\bin\helpdeco.exe
  • from %ProgramFiles(x86)%\universal extractor\bin\is-g22o1.tmp to %ProgramFiles(x86)%\universal extractor\bin\i3comp.exe
  • from %ProgramFiles(x86)%\universal extractor\bin\is-3e4e4.tmp to %ProgramFiles(x86)%\universal extractor\bin\i5comp.exe
  • from %ProgramFiles(x86)%\universal extractor\bin\is-nvuf1.tmp to %ProgramFiles(x86)%\universal extractor\bin\7z.dll
  • from %ProgramFiles(x86)%\universal extractor\bin\is-ufbsq.tmp to %ProgramFiles(x86)%\universal extractor\bin\i6comp.exe
  • from %ProgramFiles(x86)%\universal extractor\bin\is-49l2v.tmp to %ProgramFiles(x86)%\universal extractor\bin\instexpl.dll
  • from %ProgramFiles(x86)%\universal extractor\bin\is-h0lbr.tmp to %ProgramFiles(x86)%\universal extractor\bin\instexpl.wcx
  • from %ProgramFiles(x86)%\universal extractor\bin\is-oiakd.tmp to %ProgramFiles(x86)%\universal extractor\bin\isxunpack.exe
  • from %ProgramFiles(x86)%\universal extractor\bin\is-q80cg.tmp to %ProgramFiles(x86)%\universal extractor\bin\lzop.exe
  • from %ProgramFiles(x86)%\universal extractor\bin\is-qse76.tmp to %ProgramFiles(x86)%\universal extractor\bin\mhtunp.wcx
  • from %ProgramFiles(x86)%\universal extractor\bin\is-ul0nt.tmp to %ProgramFiles(x86)%\universal extractor\bin\msi.wcx
  • from %ProgramFiles(x86)%\universal extractor\bin\is-7qi9g.tmp to %ProgramFiles(x86)%\universal extractor\bin\extract.exe
  • from %ProgramFiles(x86)%\universal extractor\bin\is-bmk7f.tmp to %ProgramFiles(x86)%\universal extractor\bin\innounp.exe
  • from %ProgramFiles(x86)%\universal extractor\bin\is-8eakj.tmp to %ProgramFiles(x86)%\universal extractor\bin\e_wise.ini
  • from %ProgramFiles(x86)%\universal extractor\bin\is-0qsov.tmp to %ProgramFiles(x86)%\universal extractor\bin\extractmht.exe
  • from %ProgramFiles(x86)%\universal extractor\bin\is-58jel.tmp to %ProgramFiles(x86)%\universal extractor\bin\dbxplug.wcx
  • from %ProgramFiles(x86)%\universal extractor\bin\is-vqcau.tmp to %ProgramFiles(x86)%\universal extractor\bin\cmdtotal.exe
  • from %ProgramFiles(x86)%\universal extractor\docs\is-9dimm.tmp to %ProgramFiles(x86)%\universal extractor\docs\unzip_url.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-k635j.tmp to %ProgramFiles(x86)%\universal extractor\docs\upx_license.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-t5o9f.tmp to %ProgramFiles(x86)%\universal extractor\docs\upx_readme.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-punr2.tmp to %ProgramFiles(x86)%\universal extractor\docs\upx_url.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-h7ba6.tmp to %ProgramFiles(x86)%\universal extractor\docs\uudeview_license.txt
  • from %ProgramFiles(x86)%\universal extractor\bin\is-0v83l.tmp to %ProgramFiles(x86)%\universal extractor\bin\msix.exe
  • from %ProgramFiles(x86)%\universal extractor\docs\is-bc1a4.tmp to %ProgramFiles(x86)%\universal extractor\docs\uudeview_url.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-5b2af.tmp to %ProgramFiles(x86)%\universal extractor\docs\unzip_license.txt
  • from %ProgramFiles(x86)%\universal extractor\bin\is-gv41t.tmp to %ProgramFiles(x86)%\universal extractor\bin\7z.exe
  • from %ProgramFiles(x86)%\universal extractor\bin\is-lpdrp.tmp to %ProgramFiles(x86)%\universal extractor\bin\arj.exe
  • from %ProgramFiles(x86)%\universal extractor\bin\is-0p16a.tmp to %ProgramFiles(x86)%\universal extractor\bin\aspackdie.exe
  • from %ProgramFiles(x86)%\universal extractor\bin\is-na5ha.tmp to %ProgramFiles(x86)%\universal extractor\bin\bin2iso.exe
  • from %ProgramFiles(x86)%\universal extractor\bin\is-3tlne.tmp to %ProgramFiles(x86)%\universal extractor\bin\booz.exe
  • from %ProgramFiles(x86)%\universal extractor\bin\is-cbj2a.tmp to %ProgramFiles(x86)%\universal extractor\bin\cdirip.exe
  • from %ProgramFiles(x86)%\universal extractor\docs\is-9012r.tmp to %ProgramFiles(x86)%\universal extractor\docs\unzip_man.txt
  • from %ProgramFiles(x86)%\universal extractor\bin\is-23bm2.tmp to %ProgramFiles(x86)%\universal extractor\bin\clit.exe
  • from %ProgramFiles(x86)%\universal extractor\bin\is-17b3h.tmp to %ProgramFiles(x86)%\universal extractor\bin\arc.exe
  • from %ProgramFiles(x86)%\universal extractor\docs\is-1a4uu.tmp to %ProgramFiles(x86)%\universal extractor\docs\unzip_readme.txt
  • from %ProgramFiles(x86)%\universal extractor\bin\is-0vano.tmp to %ProgramFiles(x86)%\universal extractor\bin\nbhextract.exe
  • from %ProgramFiles(x86)%\universal extractor\bin\is-i8u7u.tmp to %ProgramFiles(x86)%\universal extractor\bin\raiu.exe
  • from %ProgramFiles(x86)%\universal extractor\bin\unp\is-qpeff.tmp to %ProgramFiles(x86)%\universal extractor\bin\unp\bzip2_2.unp
  • from %ProgramFiles(x86)%\universal extractor\bin\unp\is-ich33.tmp to %ProgramFiles(x86)%\universal extractor\bin\unp\bzip2_3.unp
  • from %ProgramFiles(x86)%\universal extractor\bin\unp\is-let4e.tmp to %ProgramFiles(x86)%\universal extractor\bin\unp\eschalon.unp
  • from %ProgramFiles(x86)%\universal extractor\bin\unp\is-ogs7b.tmp to %ProgramFiles(x86)%\universal extractor\bin\unp\gentee.unp
  • from %ProgramFiles(x86)%\universal extractor\bin\unp\is-dde35.tmp to %ProgramFiles(x86)%\universal extractor\bin\unp\inflate1.unp
  • from %ProgramFiles(x86)%\universal extractor\bin\unp\is-9evge.tmp to %ProgramFiles(x86)%\universal extractor\bin\unp\inflate2.unp
  • from %ProgramFiles(x86)%\universal extractor\bin\is-i8bt9.tmp to %ProgramFiles(x86)%\universal extractor\bin\zd50149.dll
  • from %ProgramFiles(x86)%\universal extractor\bin\unp\is-lumu3.tmp to %ProgramFiles(x86)%\universal extractor\bin\unp\inflate3.unp
  • from %ProgramFiles(x86)%\universal extractor\bin\unp\is-s3931.tmp to %ProgramFiles(x86)%\universal extractor\bin\unp\pkware.unp
  • from %ProgramFiles(x86)%\universal extractor\bin\unp\is-nldap.tmp to %ProgramFiles(x86)%\universal extractor\bin\unp\vise.unp
  • from %ProgramFiles(x86)%\universal extractor\is-6nu8r.tmp to %ProgramFiles(x86)%\universal extractor\changelog.txt
  • from %ProgramFiles(x86)%\universal extractor\is-jb5jf.tmp to %ProgramFiles(x86)%\universal extractor\license.txt
  • from %ProgramFiles(x86)%\universal extractor\is-38fdr.tmp to %ProgramFiles(x86)%\universal extractor\uniextract.ico
  • from %ProgramFiles(x86)%\universal extractor\is-5q2bt.tmp to %ProgramFiles(x86)%\universal extractor\turbosearch.exe
  • from %ProgramFiles(x86)%\universal extractor\bin\is-p7af3.tmp to %ProgramFiles(x86)%\universal extractor\bin\zd55131.dll
  • from %ProgramFiles(x86)%\universal extractor\bin\unp\is-1p0pj.tmp to %ProgramFiles(x86)%\universal extractor\bin\unp\bzip2_1.unp
  • from %ProgramFiles(x86)%\universal extractor\bin\is-3gid1.tmp to %ProgramFiles(x86)%\universal extractor\bin\zd51145.dll
  • from %ProgramFiles(x86)%\universal extractor\bin\is-h58lp.tmp to %ProgramFiles(x86)%\universal extractor\bin\wun.exe
  • from %ProgramFiles(x86)%\universal extractor\docs\is-kj467.tmp to %ProgramFiles(x86)%\universal extractor\docs\lzma_license.txt
  • from %ProgramFiles(x86)%\universal extractor\bin\is-rdnmd.tmp to %ProgramFiles(x86)%\universal extractor\bin\stix_d.exe
  • from %ProgramFiles(x86)%\universal extractor\bin\is-5gl1v.tmp to %ProgramFiles(x86)%\universal extractor\bin\tee.exe
  • from %ProgramFiles(x86)%\universal extractor\bin\is-r16c3.tmp to %ProgramFiles(x86)%\universal extractor\bin\trid.exe
  • from %ProgramFiles(x86)%\universal extractor\bin\is-8ltfr.tmp to %ProgramFiles(x86)%\universal extractor\bin\triddefs.trd
  • from %ProgramFiles(x86)%\universal extractor\bin\is-t0rot.tmp to %ProgramFiles(x86)%\universal extractor\bin\uharc02.exe
  • from %ProgramFiles(x86)%\universal extractor\bin\is-i1kqd.tmp to %ProgramFiles(x86)%\universal extractor\bin\nrg2iso.exe
  • from %ProgramFiles(x86)%\universal extractor\bin\is-njraa.tmp to %ProgramFiles(x86)%\universal extractor\bin\peid.exe
  • from %ProgramFiles(x86)%\universal extractor\bin\is-rsvv1.tmp to %ProgramFiles(x86)%\universal extractor\bin\pdunsis.wcx
  • from %ProgramFiles(x86)%\universal extractor\bin\is-o6glg.tmp to %ProgramFiles(x86)%\universal extractor\bin\uharc04.exe
  • from %ProgramFiles(x86)%\universal extractor\bin\is-j0o2c.tmp to %ProgramFiles(x86)%\universal extractor\bin\unzip.exe
  • from %ProgramFiles(x86)%\universal extractor\bin\is-09o42.tmp to %ProgramFiles(x86)%\universal extractor\bin\upx.exe
  • from %ProgramFiles(x86)%\universal extractor\bin\is-4f3lo.tmp to %ProgramFiles(x86)%\universal extractor\bin\userdb.txt
  • from %ProgramFiles(x86)%\universal extractor\bin\is-aktsf.tmp to %ProgramFiles(x86)%\universal extractor\bin\uudeview.exe
  • from %ProgramFiles(x86)%\universal extractor\bin\is-ivb5a.tmp to %ProgramFiles(x86)%\universal extractor\bin\wdosxle.exe
  • from %ProgramFiles(x86)%\universal extractor\bin\is-c4kgo.tmp to %ProgramFiles(x86)%\universal extractor\bin\unlzx.exe
  • from %ProgramFiles(x86)%\universal extractor\bin\is-noom6.tmp to %ProgramFiles(x86)%\universal extractor\bin\unrar.exe
  • from %ProgramFiles(x86)%\universal extractor\bin\is-rma3m.tmp to %ProgramFiles(x86)%\universal extractor\bin\unuharc06.exe
  • from %ProgramFiles(x86)%\universal extractor\docs\is-his88.tmp to %ProgramFiles(x86)%\universal extractor\docs\unrar_url.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-nmljs.tmp to %ProgramFiles(x86)%\universal extractor\docs\unrar_license.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-rnise.tmp to %ProgramFiles(x86)%\universal extractor\docs\unlzx_url.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-ofe4o.tmp to %ProgramFiles(x86)%\universal extractor\docs\dbxplug_url.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-b8348.tmp to %ProgramFiles(x86)%\universal extractor\docs\ewise_author.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-ubhru.tmp to %ProgramFiles(x86)%\universal extractor\docs\ewise_readme.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-c80lj.tmp to %ProgramFiles(x86)%\universal extractor\docs\ewise_url.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-lpc65.tmp to %ProgramFiles(x86)%\universal extractor\docs\extractmht_license.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-fnla9.tmp to %ProgramFiles(x86)%\universal extractor\docs\extractmht_url.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-rb0ns.tmp to %ProgramFiles(x86)%\universal extractor\docs\i5comp_readme.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-pdol2.tmp to %ProgramFiles(x86)%\universal extractor\docs\extract_license.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-p060f.tmp to %ProgramFiles(x86)%\universal extractor\docs\helpdeco_license.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-kkuso.tmp to %ProgramFiles(x86)%\universal extractor\docs\helpdeco_readme.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-1nisf.tmp to %ProgramFiles(x86)%\universal extractor\docs\helpdeco_url.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-v4km8.tmp to %ProgramFiles(x86)%\universal extractor\docs\hwun_readme.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-b8qvd.tmp to %ProgramFiles(x86)%\universal extractor\docs\hwun_url.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-cg73u.tmp to %ProgramFiles(x86)%\universal extractor\docs\cmdtotal_url.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-4h3kg.tmp to %ProgramFiles(x86)%\universal extractor\docs\cmdtotal_readme.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-46evg.tmp to %ProgramFiles(x86)%\universal extractor\docs\convertlit_url.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-c7v38.tmp to %ProgramFiles(x86)%\universal extractor\docs\cdrip_url.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-o6qhf.tmp to %ProgramFiles(x86)%\universal extractor\docs\cdirip_readme.txt
  • from %ProgramFiles(x86)%\universal extractor\is-5ov6n.tmp to %ProgramFiles(x86)%\universal extractor\english.ini
  • from %ProgramFiles(x86)%\universal extractor\docs\is-jkhfr.tmp to %ProgramFiles(x86)%\universal extractor\docs\7zip_readme.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-6prgl.tmp to %ProgramFiles(x86)%\universal extractor\docs\7zip_url.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-nii30.tmp to %ProgramFiles(x86)%\universal extractor\docs\arc_license.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-mr15v.tmp to %ProgramFiles(x86)%\universal extractor\docs\arc_readme.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-5lbp2.tmp to %ProgramFiles(x86)%\universal extractor\docs\arc_url.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-eskme.tmp to %ProgramFiles(x86)%\universal extractor\docs\i3comp_readme.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-jl4dm.tmp to %ProgramFiles(x86)%\universal extractor\docs\arj_license.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-1jtq8.tmp to %ProgramFiles(x86)%\universal extractor\docs\extract_url.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-3ch98.tmp to %ProgramFiles(x86)%\universal extractor\docs\arj_url.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-0jatc.tmp to %ProgramFiles(x86)%\universal extractor\docs\aspackdie_url.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-o8s8k.tmp to %ProgramFiles(x86)%\universal extractor\docs\bin2iso_readme.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-s3603.tmp to %ProgramFiles(x86)%\universal extractor\docs\bin2iso_url.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-omthk.tmp to %ProgramFiles(x86)%\universal extractor\docs\booz_readme.doc
  • from %ProgramFiles(x86)%\universal extractor\docs\is-uetmi.tmp to %ProgramFiles(x86)%\universal extractor\docs\booz_url.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-ptpv2.tmp to %ProgramFiles(x86)%\universal extractor\docs\arj_readme.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-e22hh.tmp to %ProgramFiles(x86)%\universal extractor\docs\7zip_license.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-o27sc.tmp to %ProgramFiles(x86)%\universal extractor\docs\aspackdie_readme.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-n40fa.tmp to %ProgramFiles(x86)%\universal extractor\docs\convertlit_readme.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-r1u6a.tmp to %ProgramFiles(x86)%\universal extractor\docs\i5comp_url.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-19npq.tmp to %ProgramFiles(x86)%\universal extractor\docs\nrg2iso_license.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-1ajeb.tmp to %ProgramFiles(x86)%\universal extractor\docs\pdunsis_readme.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-2kcst.tmp to %ProgramFiles(x86)%\universal extractor\docs\pdunsis_url.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-f072t.tmp to %ProgramFiles(x86)%\universal extractor\docs\peid_readme.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-m6oj7.tmp to %ProgramFiles(x86)%\universal extractor\docs\peid_url.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-dr0vv.tmp to %ProgramFiles(x86)%\universal extractor\docs\stix_readme.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-flp4f.tmp to %ProgramFiles(x86)%\universal extractor\docs\nbgextract_url.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-tevin.tmp to %ProgramFiles(x86)%\universal extractor\docs\i6comp_readme.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-rkdqm.tmp to %ProgramFiles(x86)%\universal extractor\docs\nrg2iso_url.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-6577v.tmp to %ProgramFiles(x86)%\universal extractor\docs\stix_url.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-8qtld.tmp to %ProgramFiles(x86)%\universal extractor\docs\trid_url.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-ngpbf.tmp to %ProgramFiles(x86)%\universal extractor\docs\uharc_license.doc
  • from %ProgramFiles(x86)%\universal extractor\docs\is-snc41.tmp to %ProgramFiles(x86)%\universal extractor\docs\uharc_readme.doc
  • from %ProgramFiles(x86)%\universal extractor\docs\is-o8ri5.tmp to %ProgramFiles(x86)%\universal extractor\docs\uharc_url.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-2e8p0.tmp to %ProgramFiles(x86)%\universal extractor\docs\unlzx_readme.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-j0rp7.tmp to %ProgramFiles(x86)%\universal extractor\docs\tee_license.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-67kto.tmp to %ProgramFiles(x86)%\universal extractor\docs\tee_url.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-9emrl.tmp to %ProgramFiles(x86)%\universal extractor\docs\trid_readme_e.txt
  • from %ProgramFiles(x86)%\universal extractor\bin\unp\is-l8lqn.tmp to %ProgramFiles(x86)%\universal extractor\bin\unp\lzma.unp
  • from %ProgramFiles(x86)%\universal extractor\is-hfi5e.tmp to %ProgramFiles(x86)%\universal extractor\uniextract.exe
  • from %ProgramFiles(x86)%\universal extractor\docs\is-fn435.tmp to %ProgramFiles(x86)%\universal extractor\docs\msix_url.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-68ih2.tmp to %ProgramFiles(x86)%\universal extractor\docs\innounp_license.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-bg3r6.tmp to %ProgramFiles(x86)%\universal extractor\docs\innounp_readme.htm
  • from %ProgramFiles(x86)%\universal extractor\docs\is-4gre6.tmp to %ProgramFiles(x86)%\universal extractor\docs\innounp_url.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-13ued.tmp to %ProgramFiles(x86)%\universal extractor\docs\installexplorer_readme_en.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-fpmlo.tmp to %ProgramFiles(x86)%\universal extractor\docs\installexplorer_url.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-b45pm.tmp to %ProgramFiles(x86)%\universal extractor\docs\isxunpack_readme.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-2ubee.tmp to %ProgramFiles(x86)%\universal extractor\docs\msi_readme.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-n48a2.tmp to %ProgramFiles(x86)%\universal extractor\docs\msi_url.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-mk79i.tmp to %ProgramFiles(x86)%\universal extractor\docs\isxunpack_url.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-vd0qf.tmp to %ProgramFiles(x86)%\universal extractor\docs\lzma_url.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-gkb0i.tmp to %ProgramFiles(x86)%\universal extractor\docs\lzop_license.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-ta5o6.tmp to %ProgramFiles(x86)%\universal extractor\docs\lzop_readme.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-2eqcm.tmp to %ProgramFiles(x86)%\universal extractor\docs\lzop_url.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-a1kab.tmp to %ProgramFiles(x86)%\universal extractor\docs\mhtunp_readme.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-j8riu.tmp to %ProgramFiles(x86)%\universal extractor\docs\mhtunp_url.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-j0l62.tmp to %ProgramFiles(x86)%\universal extractor\docs\i6comp_url.txt
  • from %ProgramFiles(x86)%\universal extractor\docs\is-nc7nn.tmp to %ProgramFiles(x86)%\universal extractor\docs\lzma_readme.txt
  • from %ProgramFiles(x86)%\universal extractor\is-epulc.tmp to %ProgramFiles(x86)%\universal extractor\uniextract.ini
Network activity
Connects to
  • 'os##etxi.ga':80
TCP
HTTP GET requests
  • http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab?69########
HTTP POST requests
  • http://os##etxi.ga/new/net_api
UDP
  • DNS ASK os##etxi.ga
Miscellaneous
Searches for the following windows
  • ClassName: '{995C1CF5-54FF-11D3-8BDA-00600893B1B6}' WindowName: ''
Creates and executes the following
  • '%TEMP%\is-n4cn3.tmp\is-otuff.tmp' /SL4 $B0236 "<Full path to file>" 7497345 52224
  • '%ProgramFiles(x86)%\universal extractor\uniextract.exe'
  • '%ProgramFiles(x86)%\universal extractor\uniextract.exe' fdf37bca797568a837408ff9fb30488d
Executes the following
  • '%WINDIR%\syswow64\schtasks.exe' /Query
  • '%WINDIR%\syswow64\schtasks.exe' /Delete /F /TN "UniExtract 29"

Рекомендации по лечению

  1. В случае если операционная система способна загрузиться (в штатном режиме или режиме защиты от сбоев), скачайте лечащую утилиту Dr.Web CureIt! и выполните с ее помощью полную проверку вашего компьютера, а также используемых вами переносных носителей информации.
  2. Если загрузка операционной системы невозможна, измените настройки BIOS вашего компьютера, чтобы обеспечить возможность загрузки ПК с компакт-диска или USB-накопителя. Скачайте образ аварийного диска восстановления системы Dr.Web® LiveDisk или утилиту записи Dr.Web® LiveDisk на USB-накопитель, подготовьте соответствующий носитель. Загрузив компьютер с использованием данного носителя, выполните его полную проверку и лечение обнаруженных угроз.
Демо бесплатно

 

Скачать Dr.Web

По серийному номеру

Выполните полную проверку системы с использованием Антивируса Dr.Web Light для macOS. Данный продукт можно загрузить с официального сайта Apple App Store.

Демо бесплатно

 

Скачать Dr.Web

По серийному номеру

Скачать Dr.Web с Apple Store

На загруженной ОС выполните полную проверку всех дисковых разделов с использованием продукта Антивирус Dr.Web для Linux.

Демо бесплатно

 

Скачать Dr.Web

По серийному номеру

  1. Если мобильное устройство функционирует в штатном режиме, загрузите и установите на него бесплатный антивирусный продукт Dr.Web для Android Light. Выполните полную проверку системы и используйте рекомендации по нейтрализации обнаруженных угроз.
  2. Если мобильное устройство заблокировано троянцем-вымогателем семейства Android.Locker (на экране отображается обвинение в нарушении закона, требование выплаты определенной денежной суммы или иное сообщение, мешающее нормальной работе с устройством), выполните следующие действия:
    • загрузите свой смартфон или планшет в безопасном режиме (в зависимости от версии операционной системы и особенностей конкретного мобильного устройства эта процедура может быть выполнена различными способами; обратитесь за уточнением к инструкции, поставляемой вместе с приобретенным аппаратом, или напрямую к его производителю);
    • после активации безопасного режима установите на зараженное устройство бесплатный антивирусный продукт Dr.Web для Android Light и произведите полную проверку системы, выполнив рекомендации по нейтрализации обнаруженных угроз;
    • выключите устройство и включите его в обычном режиме.

Подробнее о Dr.Web для Android

Демо бесплатно на 14 дней

Выдаётся при установке

Скачать с сайта
Скачать с Google Play