ユーザー向け情報

閉じる

マイライブラリ
マイライブラリ

+ マイライブラリに追加

検索
検索

電話
テクニカルサポート利用方法

問い合わせ

新規お問い合わせ

電話(英語)

+7 (495) 789-45-86

フォーラム(英語)

お問い合わせ履歴

新規お問い合わせ

電話(英語)

+7 (495) 789-45-86

Profile

JP

RU CN DE EN ES FR IT JP KZ UZ PL BY
閉じる
サービス
スキャナー
Dr.Web vxCube
トライアル
ウイルスライブラリ
ナレッジベース

テクノロジー

用語

トレーニングコースおよび啓蒙プロジェクト

アンチウイルスに関する誤解と噂

ニュース

Trojan.MulDrop8.20827

Added to the Dr.Web virus database: 2018-05-05

Virus description added:

Technical Information

To ensure autorun and distribution:
Creates the following services:
  • [<HKLM>\SYSTEM\ControlSet001\Services\MANC] 'Start' = '00000002'
  • [<HKLM>\SYSTEM\ControlSet001\Services\MANC] 'ImagePath' = '<SYSTEM32>\MANC.exe'
Modifies file system:
Creates the following files:
  • <Current directory>\ClientSetup.exe
  • C:\install\DialogBk.bmp
  • <SYSTEM32>\msres\skin\riant\DialogBk.bmp
  • C:\install\exit_down.bmp
  • <SYSTEM32>\msres\skin\riant\exit_down.bmp
  • C:\install\exit_foc.bmp
  • <SYSTEM32>\msres\skin\riant\exit_foc.bmp
  • C:\install\exit_nor.bmp
  • <SYSTEM32>\msres\skin\riant\exit_nor.bmp
  • C:\install\FormViewBk.bmp
  • C:\install\ActiveCaption.bmp
  • <SYSTEM32>\msres\skin\riant\ActiveCaption.bmp
  • <SYSTEM32>\msres\skin\riant\FormViewBk.bmp
  • C:\install\FrameTopBorder.bmp
  • <SYSTEM32>\msres\skin\riant\FrameTopBorder.bmp
  • C:\install\HeaderCtrlNormal.bmp
  • <SYSTEM32>\msres\skin\riant\HeaderCtrlNormal.bmp
  • C:\install\HorizontalThumb.bmp
  • <SYSTEM32>\msres\skin\riant\HorizontalThumb.bmp
  • C:\install\InActiveCaption.bmp
  • <SYSTEM32>\msres\skin\riant\InActiveCaption.bmp
  • C:\install\LeftArrow.bmp
  • C:\install\FrameBorder.bmp
  • <SYSTEM32>\msres\skin\riant\FrameBorder.bmp
  • C:\install\max_down.bmp
  • <SYSTEM32>\msres\skin\riant\LeftArrow.bmp
  • <SYSTEM32>\msres\skin\icon\wifi-no.png
  • C:\install\ico3.png
  • <SYSTEM32>\msres\skin\icon\ico3.png
  • C:\install\ico4.png
  • <SYSTEM32>\msres\skin\icon\ico4.png
  • C:\install\ico5.png
  • <SYSTEM32>\msres\skin\icon\ico5.png
  • C:\install\ico6.png
  • <SYSTEM32>\msres\skin\icon\ico6.png
  • C:\install\wifi.png
  • C:\install\ico2.png
  • <SYSTEM32>\msres\skin\icon\wifi.png
  • C:\install\ico_force.png
  • C:\install\jzai.gif
  • <SYSTEM32>\msres\skin\icon\jzai.gif
  • <SYSTEM32>\msres\skin\icon\Thumbs.db
  • C:\install\up.png
  • <SYSTEM32>\msres\skin\icon\up.png
  • C:\install\usmall.png
  • <SYSTEM32>\msres\skin\icon\usmall.png
  • C:\install\wifi-no.png
  • <SYSTEM32>\msres\skin\icon\ico_force.png
  • C:\install\ico_ture.png
  • <SYSTEM32>\msres\skin\icon\ico_ture.png
  • <SYSTEM32>\msres\skin\riant\res_norm.bmp
  • <SYSTEM32>\msres\skin\riant\max_down.bmp
  • C:\install\new-loginbodybk.bmp
  • C:\install\new-logintitlebk.bmp
  • <SYSTEM32>\msres\skin\riant\new-logintitlebk.bmp
  • C:\install\new-menubt.bmp
  • <SYSTEM32>\msres\skin\riant\new-menubt.bmp
  • C:\install\new-MenuItemBack.bmp
  • <SYSTEM32>\msres\skin\riant\new-MenuItemBack.bmp
  • C:\install\new-min_norm.bmp
  • <SYSTEM32>\msres\skin\riant\new-min_norm.bmp
  • <SYSTEM32>\msres\skin\riant\new-exit_nor.bmp
  • C:\install\new-okbk.bmp
  • <SYSTEM32>\msres\skin\riant\new-loginbodybk.bmp
  • C:\install\new-res_down.bmp
  • C:\install\new-TabHeadBk.bmp
  • <SYSTEM32>\msres\skin\riant\new-TabHeadBk.bmp
  • C:\install\new-TabHeadBtn.bmp
  • <SYSTEM32>\msres\skin\riant\new-TabHeadBtn.bmp
  • C:\install\res_down.bmp
  • <SYSTEM32>\msres\skin\riant\res_down.bmp
  • C:\install\res_focu.bmp
  • <SYSTEM32>\msres\skin\riant\res_focu.bmp
  • <SYSTEM32>\msres\skin\riant\new-okbk.bmp
  • C:\install\new-exit_nor.bmp
  • <SYSTEM32>\msres\skin\riant\new-res_down.bmp
  • <SYSTEM32>\msres\skin\riant\new-cancelbk.bmp
  • C:\install\new-cancelbk.bmp
  • <SYSTEM32>\msres\skin\riant\max_focu.bmp
  • <SYSTEM32>\msres\skin\riant\max_norm.bmp
  • C:\install\MenuDown.bmp
  • <SYSTEM32>\msres\skin\riant\MenuDown.bmp
  • C:\install\MenuFocus.bmp
  • <SYSTEM32>\msres\skin\riant\MenuFocus.bmp
  • C:\install\MenuItemDown.bmp
  • <SYSTEM32>\msres\skin\riant\MenuItemDown.bmp
  • C:\install\min_down.bmp
  • <SYSTEM32>\msres\skin\riant\min_down.bmp
  • C:\install\min_focu.bmp
  • C:\install\max_norm.bmp
  • <SYSTEM32>\msres\skin\riant\min_focu.bmp
  • <SYSTEM32>\msres\skin\riant\min_norm.bmp
  • C:\install\new-BarExpand.bmp
  • <SYSTEM32>\msres\skin\riant\new-BarExpand.bmp
  • C:\install\new-BtnLeft.bmp
  • <SYSTEM32>\msres\skin\riant\new-BtnLeft.bmp
  • C:\install\new-BtnMid.bmp
  • <SYSTEM32>\msres\skin\riant\new-BtnMid.bmp
  • C:\install\new-BtnRight.bmp
  • <SYSTEM32>\msres\skin\riant\new-BtnRight.bmp
  • <SYSTEM32>\msres\skin\icon\ico1.png
  • C:\install\min_norm.bmp
  • <SYSTEM32>\msres\skin\icon\ico2.png
  • C:\install\max_focu.bmp
  • C:\install\res_norm.bmp
  • C:\install\yundisk.bmp
  • C:\install\sendbt_1.bmp
  • <SYSTEM32>\msres\skin\btn\sendbt_1.bmp
  • C:\install\sendbt_2.bmp
  • <SYSTEM32>\msres\skin\btn\sendbt_2.bmp
  • C:\install\sendbt_3.bmp
  • <SYSTEM32>\msres\skin\btn\sendbt_3.bmp
  • <SYSTEM32>\msres\skin\btn\sx_01.png
  • C:\install\sx_02.png
  • <SYSTEM32>\msres\skin\btn\select_fan.bmp
  • C:\install\select_fan.bmp
  • <SYSTEM32>\msres\skin\btn\select_fan2.bmp
  • <SYSTEM32>\msres\skin\btn\sx_02.png
  • <SYSTEM32>\msres\skin\btn\sz_01.png
  • C:\install\sz_02.png
  • <SYSTEM32>\msres\skin\btn\sz_02.png
  • C:\install\sz_03.png
  • <SYSTEM32>\msres\skin\btn\sz_03.png
  • <SYSTEM32>\msres\skin\btn\Thumbs.db
  • C:\install\up.bmp
  • <SYSTEM32>\msres\skin\btn\up.bmp
  • C:\install\sx_03.png
  • <SYSTEM32>\msres\skin\btn\sx_03.png
  • C:\install\sz_01.png
  • C:\install\uploadbt_2.bmp
  • C:\install\uploadbt_1.bmp
  • <SYSTEM32>\msres\skin\btn\uploadbt_1.bmp
  • C:\install\preview1.bmp
  • <SYSTEM32>\msres\skin\btn\preview1.bmp
  • C:\install\preview2.bmp
  • <SYSTEM32>\msres\skin\btn\preview2.bmp
  • C:\install\qhdl_01.bmp
  • <SYSTEM32>\msres\skin\btn\qhdl_01.bmp
  • C:\install\qhdl_02.bmp
  • <SYSTEM32>\msres\skin\btn\qhdl_02.bmp
  • <SYSTEM32>\msres\skin\btn\select_all2.bmp
  • C:\install\myfix_2.bmp
  • C:\install\select_all2.bmp
  • C:\install\qhdl_03.bmp
  • C:\install\refreshbt_1.bmp
  • <SYSTEM32>\msres\skin\btn\refreshbt_1.bmp
  • C:\install\repair.bmp
  • <SYSTEM32>\msres\skin\btn\repair.bmp
  • C:\install\repair2.bmp
  • <SYSTEM32>\msres\skin\btn\repair2.bmp
  • C:\install\select_all.bmp
  • <SYSTEM32>\msres\skin\btn\select_all.bmp
  • <SYSTEM32>\msres\skin\btn\qhdl_03.bmp
  • C:\install\qhdl_04.bmp
  • <SYSTEM32>\msres\skin\btn\qhdl_04.bmp
  • <SYSTEM32>\msres\skin\btn\uploadbt_2.bmp
  • <SYSTEM32>\msres\skin\dlp\box_3.bmp
  • C:\install\userchange_01.bmp
  • C:\install\dir_bk.bmp
  • <SYSTEM32>\msres\skin\dlp\dir_bk.bmp
  • C:\install\dir_splite.bmp
  • <SYSTEM32>\msres\skin\dlp\dir_splite.bmp
  • C:\install\doc.bmp
  • <SYSTEM32>\msres\skin\dlp\doc.bmp
  • <SYSTEM32>\msres\skin\dlp\down.bmp
  • C:\install\box_3.bmp
  • C:\install\jpg.bmp
  • C:\install\pdf.bmp
  • <SYSTEM32>\msres\skin\dlp\dir.bmp
  • <SYSTEM32>\msres\skin\dlp\pdf.bmp
  • <SYSTEM32>\msres\skin\dlp\ppt.bmp
  • C:\install\safedisk.bmp
  • <SYSTEM32>\msres\skin\dlp\safedisk.bmp
  • <SYSTEM32>\msres\skin\dlp\search.bmp
  • <SYSTEM32>\msres\skin\dlp\Thumbs.db
  • C:\install\wjj.bmp
  • <SYSTEM32>\msres\skin\dlp\wjj.bmp
  • <SYSTEM32>\msres\skin\dlp\jpg.bmp
  • <SYSTEM32>\msres\skin\dlp\box_2.bmp
  • C:\install\select_fan2.bmp
  • C:\install\ppt.bmp
  • C:\install\dir.bmp
  • C:\install\box_2.bmp
  • <SYSTEM32>\msres\skin\dlp\box_1.bmp
  • <SYSTEM32>\msres\skin\btn\userchange_01.bmp
  • C:\install\userchange_02.bmp
  • <SYSTEM32>\msres\skin\btn\userchange_02.bmp
  • C:\install\userchange_03.bmp
  • <SYSTEM32>\msres\skin\btn\userchange_03.bmp
  • C:\install\userregclose.png
  • <SYSTEM32>\msres\skin\btn\userregclose.png
  • C:\install\xx_01.bmp
  • <SYSTEM32>\msres\skin\btn\xx_01.bmp
  • <SYSTEM32>\msres\skin\btn\uploadbt_3.bmp
  • C:\install\xx_02.bmp
  • C:\install\xx_03.bmp
  • <SYSTEM32>\msres\skin\btn\xx_03.bmp
  • C:\install\yj_01.bmp
  • <SYSTEM32>\msres\skin\btn\yj_01.bmp
  • C:\install\yj_02.bmp
  • <SYSTEM32>\msres\skin\btn\yj_02.bmp
  • C:\install\zhuce.png
  • <SYSTEM32>\msres\skin\btn\zhuce.png
  • C:\install\box_1.bmp
  • <SYSTEM32>\msres\skin\dlp\yundisk.bmp
  • <SYSTEM32>\msres\skin\btn\xx_02.bmp
  • C:\install\uploadbt_3.bmp
  • C:\install\ico1.png
  • <SYSTEM32>\msres\ShowMsg.exe
  • C:\install\RightArrow.bmp
  • <SYSTEM32>\msres\viewRect64.dll
  • <SYSTEM32>\msres\VSComLib.dll
  • C:\install\VSCommon.dll
  • <SYSTEM32>\msres\VSCommon.dll
  • C:\install\VSetup.exe
  • <SYSTEM32>\msres\VSetup.exe
  • C:\install\vssver2.scc
  • <SYSTEM32>\msres\vssver2.scc
  • C:\install\WebMailData.ytf
  • C:\install\viewRect64.dll
  • <SYSTEM32>\msres\WebMailData.ytf
  • C:\install\VSComLib.dll
  • <SYSTEM32>\msres\WifiPolicyDLL.dll
  • <SYSTEM32>\msres\wininit.exe
  • C:\install\WinRaw.dll
  • <SYSTEM32>\msres\WinRaw.dll
  • C:\install\WinSecCheck112.exe
  • <SYSTEM32>\msres\WinSecCheck112.exe
  • C:\install\wni.ytf
  • <SYSTEM32>\msres\wni.ytf
  • C:\install\IEShims.dll
  • C:\install\WifiPolicyDLL.dll
  • <SYSTEM32>\msres\x64drivers\IEShims.dll
  • C:\install\wininit.exe
  • <SYSTEM32>\msres\x64drivers\msvcr10064.dll
  • <SYSTEM32>\msres\viewrect.dll
  • <SYSTEM32>\msres\vfsd_fre_win7_x86_win10_old.sys
  • C:\install\vfsd_fre_wlh_x86.sys
  • <SYSTEM32>\msres\vfsd_fre_wlh_x86.sys
  • C:\install\vfsd_fre_wnet_AMD64.sys
  • <SYSTEM32>\msres\vfsd_fre_wnet_AMD64.sys
  • C:\install\vfsd_fre_wnet_x86.sys
  • <SYSTEM32>\msres\vfsd_fre_wnet_x86.sys
  • C:\install\vfsd_fre_wxp_x86.sys
  • C:\install\viewrect.dll
  • <SYSTEM32>\msres\vfsd_fre_wxp_x86.sys
  • C:\install\vfsd_fre_wlh_AMD64.sys
  • <SYSTEM32>\msres\ViewC.pdb
  • <SYSTEM32>\msres\vgwdrv.dll
  • C:\install\vgwdrv.sys
  • <SYSTEM32>\msres\vgwdrv.sys
  • C:\install\ViewC.dll
  • <SYSTEM32>\msres\ViewC.dll
  • C:\install\ViewC.map
  • <SYSTEM32>\msres\ViewC.map
  • C:\install\ViewC.pdb
  • C:\install\vgwdrv.dll
  • C:\install\msvcr10064.dll
  • C:\install\vgwdrv.inf
  • <SYSTEM32>\msres\vgwdrv.inf
  • <SYSTEM32>\msres\skin\riant\RightArrow.bmp
  • C:\install\ProcMon64.sys
  • <SYSTEM32>\xfnet.dll
  • <SYSTEM32>\msres\ytdisk.sys
  • C:\install\ytDisk2_32.sys
  • <SYSTEM32>\msres\ytDisk2_32.sys
  • C:\install\ytDisk2_64.sys
  • <SYSTEM32>\msres\ytDisk2_64.sys
  • C:\install\YTFunDll32.dll
  • <SYSTEM32>\msres\YTFunDll32.dll
  • <SYSTEM32>\msres\XFMainTh.dll
  • C:\install\YTFunDll64.dll
  • <SYSTEM32>\msres\YtMiniFilter.inf
  • C:\install\ytdisk.sys
  • <SYSTEM32>\msres\YtMiniFilter.sys
  • <SYSTEM32>\msres\ytrest.sys
  • C:\install\YTShellExt32.dll
  • <SYSTEM32>\msres\YTShellExt32.dll
  • C:\install\YTShellExt64.dll
  • <SYSTEM32>\msres\YTShellExt64.dll
  • C:\install\zip.dll
  • <SYSTEM32>\msres\zip.dll
  • <SYSTEM32>\msres\YTFunDll64.dll
  • C:\install\XFMainTh.dll
  • <SYSTEM32>\msres\x64drivers\ytrest.sys
  • <SYSTEM32>\msres\ytrest.inf
  • C:\install\ytrest.sys
  • <SYSTEM32>\msres\x64drivers\ProcMon64.sys
  • C:\install\sesys64.sys
  • C:\install\USBUpper64.sys
  • <SYSTEM32>\msres\x64drivers\USBUpper64.sys
  • C:\install\vgwdrv64.dll
  • <SYSTEM32>\msres\x64drivers\vgwdrv64.dll
  • C:\install\vgwdrv64.inf
  • <SYSTEM32>\msres\x64drivers\vgwdrv64.inf
  • C:\install\vgwdrv64.sys
  • <SYSTEM32>\msres\x64drivers\vgwdrv64.sys
  • C:\install\vgwdrvx64.cat
  • <SYSTEM32>\msres\x64drivers\vgwdrvx64.cat
  • <SYSTEM32>\msres\x64drivers\sesys64.sys
  • C:\install\VSetup64.exe
  • C:\install\ytdisk64.sys
  • <SYSTEM32>\msres\x64drivers\ytdisk64.sys
  • C:\install\YtMiniFilter.inf
  • <SYSTEM32>\msres\x64drivers\YtMiniFilter.inf
  • C:\install\YtMiniFilter.sys
  • <SYSTEM32>\msres\x64drivers\YtMiniFilter.sys
  • C:\install\ytrest.inf
  • <SYSTEM32>\msres\x64drivers\ytrest.inf
  • C:\install\vfsd_fre_win7_x86_win10_old.sys
  • <SYSTEM32>\msres\vfsd_fre_win7_x86_win10.sys
  • <SYSTEM32>\msres\x64drivers\VSetup64.exe
  • <SYSTEM32>\msres\vfsd_fre_wlh_AMD64.sys
  • C:\install\vfsd_fre_win7_x86_win10.sys
  • <SYSTEM32>\msres\vfsd_fre_win7_x86.sys
  • <SYSTEM32>\msres\SMSS.exe
  • C:\install\Special.ini
  • <SYSTEM32>\msres\Special.ini
  • C:\install\sqlite3.dll
  • <SYSTEM32>\msres\sqlite3.dll
  • C:\install\ssleay32.dll
  • <SYSTEM32>\msres\ssleay32.dll
  • C:\install\StopLog.bat
  • C:\install\SMSS.exe
  • <SYSTEM32>\msres\StopLog.bat
  • <SYSTEM32>\msres\skin.ini
  • <SYSTEM32>\msres\SockLink.dll
  • <SYSTEM32>\msres\svchost.exe
  • C:\install\SystemInfo.dll
  • <SYSTEM32>\msres\SystemInfo.dll
  • C:\install\TaskKeyHook.dll
  • <SYSTEM32>\msres\TaskKeyHook.dll
  • C:\install\TaskSend.dll
  • <SYSTEM32>\msres\TaskSend.dll
  • <SYSTEM32>\msres\Thumbs.db
  • C:\install\svchost.exe
  • <SYSTEM32>\msres\slientInstall.ini
  • C:\install\sysaid.exe
  • <SYSTEM32>\msres\sysaid.exe
  • C:\install\slientInstall.ini
  • C:\install\ScrollBarBk.bmp
  • <SYSTEM32>\msres\skin\btn\myfix.bmp
  • C:\install\skin.ini
  • <SYSTEM32>\msres\skin\riant\skin.ini
  • C:\install\TabLeft.bmp
  • <SYSTEM32>\msres\skin\riant\TabLeft.bmp
  • C:\install\TabLeftSel.bmp
  • <SYSTEM32>\msres\skin\riant\TabLeftSel.bmp
  • C:\install\TabMid.bmp
  • <SYSTEM32>\msres\skin\riant\TabMid.bmp
  • C:\install\TabMidSel.bmp
  • <SYSTEM32>\msres\skin\riant\TabMidSel.bmp
  • <SYSTEM32>\msres\skin\riant\ScrollBarBk.bmp
  • C:\install\TabRight.bmp
  • C:\install\TabRightSel.bmp
  • <SYSTEM32>\msres\skin\riant\TabRightSel.bmp
  • <SYSTEM32>\msres\skin\riant\Thumbs.db
  • C:\install\ToolBarBack.bmp
  • <SYSTEM32>\msres\skin\riant\ToolBarBack.bmp
  • C:\install\ToolBarFocus.bmp
  • <SYSTEM32>\msres\skin\riant\ToolBarFocus.bmp
  • C:\install\ViewBk.bmp
  • <SYSTEM32>\msres\skin\riant\ViewBk.bmp
  • C:\install\trayicon.exe
  • <SYSTEM32>\msres\skin\riant\TabRight.bmp
  • <SYSTEM32>\msres\trayicon.exe
  • <SYSTEM32>\msres\skin\btn\myfix_2.bmp
  • <SYSTEM32>\msres\TurboDLL.dll
  • C:\install\ufsd64.dll
  • C:\install\config.ini
  • <SYSTEM32>\msres\vdesktop\resources\config\config.ini
  • C:\install\PluginInfo.xml
  • <SYSTEM32>\msres\vdesktop\resources\config\PluginInfo.xml
  • C:\install\UserInfo.ini
  • <SYSTEM32>\msres\vdesktop\resources\config\UserInfo.ini
  • C:\install\Util.dll
  • C:\install\Microsoft.WindowsAPICodePack.dll
  • <SYSTEM32>\msres\vdesktop\Util.dll
  • <SYSTEM32>\msres\vdesktop\VirtualDesktop.exe
  • <SYSTEM32>\msres\vdesktop\Microsoft.WindowsAPICodePack.Shell.dll
  • C:\install\VerCtrl.dll
  • C:\install\vfsd_fre_win7_AMD64.sys
  • <SYSTEM32>\msres\vfsd_fre_win7_AMD64.sys
  • C:\install\vfsd_fre_win7_AMD64_win10.sys
  • <SYSTEM32>\msres\vfsd_fre_win7_AMD64_win10.sys
  • C:\install\vfsd_fre_win7_AMD64_win10_old.sys
  • <SYSTEM32>\msres\vfsd_fre_win7_AMD64_win10_old.sys
  • C:\install\vfsd_fre_win7_x86.sys
  • C:\install\VirtualDesktop.exe
  • <SYSTEM32>\msres\UserCtrl64.dll
  • C:\install\SockLink.dll
  • <SYSTEM32>\msres\VerCtrl.dll
  • C:\install\Microsoft.WindowsAPICodePack.Shell.dll
  • C:\install\UserCtrl64.dll
  • <SYSTEM32>\msres\UserCtrl32.dll
  • <SYSTEM32>\msres\ufsd64.dll
  • C:\install\UfsdCrypto32.dll
  • <SYSTEM32>\msres\UfsdCrypto32.dll
  • C:\install\UfsdCrypto64.dll
  • <SYSTEM32>\msres\UfsdCrypto64.dll
  • C:\install\ufsdicon32.dll
  • <SYSTEM32>\msres\ufsdicon32.dll
  • C:\install\ufsdicon64.dll
  • <SYSTEM32>\msres\ufsdicon64.dll
  • <SYSTEM32>\msres\ufsd32.dll
  • C:\install\UnicodeDLL.dll
  • C:\install\UnPack.exe
  • <SYSTEM32>\msres\UnPack.exe
  • C:\install\Update.ytf
  • <SYSTEM32>\msres\Update.ytf
  • C:\install\USBManage.dll
  • <SYSTEM32>\msres\USBManage.dll
  • C:\install\USBUpper.sys
  • <DRIVERS>\USBUpper.sys
  • C:\install\UserCtrl32.dll
  • C:\install\TurboDLL.dll
  • <SYSTEM32>\msres\UnicodeDLL.dll
  • C:\install\ufsd32.dll
  • <SYSTEM32>\msres\vdesktop\Microsoft.WindowsAPICodePack.dll
  • C:\install\myfix.bmp
  • <SYSTEM32>\msres\skin\btn\min.bmp
  • C:\install\min.bmp
  • C:\install\libsedisk.dll
  • <SYSTEM32>\msres\libsedisk.dll
  • C:\install\local.ini
  • <SYSTEM32>\msres\local.ini
  • C:\install\LocalSet.ytf
  • <SYSTEM32>\msres\LocalSet.ytf
  • C:\install\MANC.exe
  • <SYSTEM32>\MANC.exe
  • <SYSTEM32>\LanMap.dll
  • C:\install\LanMap.dll
  • <SYSTEM32>\msres\libeay32.dll
  • C:\install\MFrame.dll
  • C:\install\msch64.dll
  • <SYSTEM32>\msres\msch64.dll
  • C:\install\MsgTrack.dll
  • <SYSTEM32>\MsgTrack.dll
  • C:\install\msnet64.dll
  • <SYSTEM32>\msres\msnet64.dll
  • C:\install\mspm32.dll
  • <SYSTEM32>\msres\mspm32.dll
  • <SYSTEM32>\msres\MFrame.dll
  • C:\install\msch.dll
  • <SYSTEM32>\msres\msch.dll
  • C:\install\msproc.dll
  • C:\install\mspm64.dll
  • <SYSTEM32>\msres\mspm64.dll
  • C:\install\HKSock64.dll
  • <SYSTEM32>\msres\HKSock64.dll
  • C:\install\ica.ytf
  • <SYSTEM32>\msres\ica.ytf
  • C:\install\iconTray.ico
  • <SYSTEM32>\msres\iconTray.ico
  • C:\install\IJL15.dll
  • <SYSTEM32>\msres\IJL15.dll
  • <SYSTEM32>\msres\KsSafeApi.dll
  • C:\install\HKSock32.dll
  • C:\install\KsSafeApi.dll
  • C:\install\ImageLib.dll
  • C:\install\inspect32.exe
  • <SYSTEM32>\msres\inspect32.exe
  • C:\install\InstallEx.exe
  • <SYSTEM32>\msres\InstallEx.exe
  • C:\install\IpTrack.dll
  • <SYSTEM32>\msres\IpTrack.dll
  • C:\install\itp.ytf
  • <SYSTEM32>\msres\itp.ytf
  • <SYSTEM32>\msres\ImageLib.dll
  • C:\install\InjectDll32.exe
  • <SYSTEM32>\msres\InjectDll32.exe
  • <SYSTEM32>\msres\msproc.dll
  • <SYSTEM32>\msres\net\xpfilter\PLViewer.dll
  • C:\install\msvcr100.dll
  • <SYSTEM32>\msres\net\xpfilter\PLViewer_lima1.sys
  • <SYSTEM32>\msres\net\xpfilter\snetcfg.exe
  • C:\install\NetBase.dll
  • <SYSTEM32>\msres\NetBase.dll
  • C:\install\NetClass.dll
  • <SYSTEM32>\msres\NetClass.dll
  • C:\install\NetJMFile32.dll
  • <SYSTEM32>\msres\net\xpfilter\PLViewer-12.9.sys
  • <SYSTEM32>\msres\NetJMFile32.dll
  • <SYSTEM32>\msres\NetJMFile64.dll
  • C:\install\PLViewer_lima1.sys
  • C:\install\NetOp.dll
  • C:\install\NetTran.dll
  • <SYSTEM32>\msres\NetTran.dll
  • C:\install\NetW.ytf
  • <SYSTEM32>\msres\NetW.ytf
  • C:\install\newicon.ico
  • <SYSTEM32>\msres\newicon.ico
  • C:\install\NewLockDesk.dll
  • C:\install\NetJMFile64.dll
  • <SYSTEM32>\msres\net\xpfilter\netsf_m.inf
  • <SYSTEM32>\msres\GUI.dll
  • <SYSTEM32>\msres\NetOp.dll
  • <SYSTEM32>\msres\net\xpfilter\PLViewer.sys
  • <SYSTEM32>\msres\net\xpfilter\netsf.inf
  • <SYSTEM32>\msres\net\win764\xz.bat
  • <SYSTEM32>\msres\msvcr100.dll
  • C:\install\az.bat
  • <SYSTEM32>\msres\net\win764\az.bat
  • C:\install\netsf.inf
  • <SYSTEM32>\msres\net\win764\netsf.inf
  • C:\install\netsf_m.inf
  • <SYSTEM32>\msres\net\win764\netsf_m.inf
  • C:\install\PLViewer-12.9.sys
  • <SYSTEM32>\msres\net\win764\PLViewer-12.9.sys
  • <SYSTEM32>\msres\MSSF64.dll
  • C:\install\PLViewer-bak.sys
  • C:\install\PLViewer.dll
  • <SYSTEM32>\msres\net\win764\PLViewer.dll
  • C:\install\PLViewer.rar
  • <SYSTEM32>\msres\net\win764\PLViewer.rar
  • C:\install\PLViewer.sys
  • <SYSTEM32>\msres\net\win764\PLViewer.sys
  • C:\install\snetcfg.exe
  • <SYSTEM32>\msres\net\win764\snetcfg.exe
  • C:\install\xz.bat
  • <SYSTEM32>\msres\HKForbit.dll
  • <SYSTEM32>\msres\net\win764\PLViewer-bak.sys
  • C:\install\MSSF64.dll
  • <SYSTEM32>\msres\HKSock32.dll
  • C:\install\HKForbit.dll
  • C:\install\GUI.dll
  • <SYSTEM32>\msres\filedisk\new.doc
  • <SYSTEM32>\msres\CommonFunDll.dll
  • C:\install\localsoft.dat
  • <SYSTEM32>\msres\config\localsoft.dat
  • C:\install\riben.ytf
  • <SYSTEM32>\msres\config\riben.ytf
  • C:\install\curlUpload.dll
  • <SYSTEM32>\msres\curlUpload.dll
  • C:\install\DeviceManage.dll
  • C:\install\ComFun.dll
  • C:\install\ClientTool.exe
  • C:\install\CommonFunDll.dll
  • <SYSTEM32>\msres\DeviceManage.dll
  • <SYSTEM32>\msres\DlgManage.dll
  • C:\install\EncryptGUI.exe
  • <SYSTEM32>\msres\EncryptGUI.exe
  • C:\install\EncryptGUI_bak.exe
  • <SYSTEM32>\msres\EncryptGUI_bak.exe
  • C:\install\ExcelFunDll.dll
  • <SYSTEM32>\msres\ExcelFunDll.dll
  • C:\install\exit.bat
  • C:\install\DirMain.exe
  • <SYSTEM32>\msres\DirMain.exe
  • C:\install\DlgManage.dll
  • <SYSTEM32>\msres\ClientTool.exe
  • <SYSTEM32>\msres\CJ60Lib.dll
  • <SYSTEM32>\msres\exit.bat
  • C:\log\°ІЧ°.log
  • C:\install\0001E932
  • C:\install\0002B429
  • C:\install\setuptool.exe
  • <SYSTEM32>\msres\tools\setuptool.exe
  • C:\log\setupfirstrun.log
  • <SYSTEM32>\YTSetup.ini
  • C:\install\8021xClient-autocheck.dll
  • <SYSTEM32>\msres\8021xClient-autocheck.dll
  • C:\install\8021xClient.dll
  • <Current directory>\YTSysConfig.ini
  • <SYSTEM32>\msres\8021xClient.dll
  • <SYSTEM32>\msres\AdoBase.dll
  • C:\install\AnsiDLL.dll
  • <SYSTEM32>\msres\AnsiDLL.dll
  • C:\install\AssistantThC.dll
  • <SYSTEM32>\msres\AssistantThC.dll
  • C:\install\BeginLog.bat
  • <SYSTEM32>\msres\BeginLog.bat
  • C:\install\change.dll
  • <SYSTEM32>\msres\change.dll
  • C:\install\CJ60Lib.dll
  • C:\install\AdoBase.dll
  • <SYSTEM32>\msres\NewLockDesk.dll
  • C:\log\CommonFunDll.log
  • C:\install\new.doc
  • C:\install\new.xls
  • C:\install\finger.dat
  • <SYSTEM32>\msres\finger.dat
  • C:\install\FSConfig.ytf
  • <SYSTEM32>\msres\FSConfig.ytf
  • C:\install\FSHost32.exe
  • <SYSTEM32>\msres\FSHost32.exe
  • C:\install\FSHost64.exe
  • <SYSTEM32>\msres\FSHost64.exe
  • <SYSTEM32>\msres\filedisk\x64\stop.bat
  • C:\install\GetPassx64.exe
  • <SYSTEM32>\msres\FileTransport.dll
  • C:\install\GetPassx86.exe
  • C:\install\GFunLib32.dll
  • <SYSTEM32>\msres\GFunLib32.dll
  • C:\install\GFunLib64.dll
  • <SYSTEM32>\msres\GFunLib64.dll
  • C:\install\GlobalUserCtrl32.dll
  • <SYSTEM32>\msres\GlobalUserCtrl32.dll
  • C:\install\GlobalUserCtrl64.dll
  • <SYSTEM32>\msres\GlobalUserCtrl64.dll
  • <SYSTEM32>\msres\GetPassx64.exe
  • <SYSTEM32>\msres\ComFun.dll
  • <SYSTEM32>\msres\GetPassx86.exe
  • C:\install\FileTransport.dll
  • <SYSTEM32>\msres\filedisk\x64\run_c.bat
  • <SYSTEM32>\msres\filedisk\x64\run.bat
  • <SYSTEM32>\msres\filedisk\new.xls
  • C:\install\sysimg.img
  • <SYSTEM32>\msres\filedisk\sysimg.img
  • C:\install\Thumbs.db
  • <SYSTEM32>\msres\filedisk\Thumbs.db
  • C:\install\filedisk.exe
  • <SYSTEM32>\msres\filedisk\x32\filedisk.exe
  • C:\install\filedisk.reg
  • <SYSTEM32>\msres\filedisk\x32\filedisk.reg
  • <SYSTEM32>\msres\filedisk\new.ppt
  • C:\install\filedisk.sys
  • C:\install\readme.txt
  • <SYSTEM32>\msres\filedisk\x32\readme.txt
  • C:\install\run.bat
  • <SYSTEM32>\msres\filedisk\x32\run.bat
  • C:\install\run_c.bat
  • <SYSTEM32>\msres\filedisk\x32\run_c.bat
  • C:\install\stop.bat
  • <SYSTEM32>\msres\filedisk\x32\stop.bat
  • <SYSTEM32>\msres\filedisk\x64\filedisk.exe
  • <SYSTEM32>\msres\filedisk\x64\filedisk.reg
  • <SYSTEM32>\msres\filedisk\x32\filedisk.sys
  • <SYSTEM32>\msres\filedisk\x64\filedisk.sys
  • C:\install\new.ppt
  • C:\install\xfnet.dll
  • C:\install\PacketUpdate.dll
  • C:\install\PLDevice.dll
  • <SYSTEM32>\msres\skin\background\pack_head2.bmp
  • C:\install\seachnone.bmp
  • <SYSTEM32>\msres\skin\background\seachnone.bmp
  • C:\install\search.bmp
  • <SYSTEM32>\msres\skin\background\search.bmp
  • <SYSTEM32>\msres\skin\background\Thumbs.db
  • C:\install\userchange_bk.bmp
  • <SYSTEM32>\msres\skin\background\userchange_bk.bmp
  • C:\install\pack_head1.bmp
  • C:\install\userreg.png
  • C:\install\pack_head2.bmp
  • C:\install\userreg2.png
  • C:\install\userreg3.png
  • <SYSTEM32>\msres\skin\background\userreg3.png
  • C:\install\blue_bk.jpg
  • <SYSTEM32>\msres\skin\bk\blue_bk.jpg
  • C:\install\mapbg.png
  • <SYSTEM32>\msres\skin\bk\mapbg.png
  • <SYSTEM32>\msres\skin\bk\Thumbs.db
  • C:\install\topbg.jpg
  • <SYSTEM32>\msres\skin\background\userreg.png
  • C:\install\btnclose.bmp
  • <SYSTEM32>\msres\skin\background\userreg2.png
  • C:\install\libeay32.dll
  • <SYSTEM32>\msres\skin\background\pack_head1.bmp
  • <SYSTEM32>\msres\skin\background\pack_bg.bmp
  • C:\install\wj_01.png
  • <SYSTEM32>\msres\skin\background\images\wj_01.png
  • C:\install\wp.png
  • <SYSTEM32>\msres\skin\background\images\wp.png
  • C:\install\xk_01.png
  • <SYSTEM32>\msres\skin\background\images\xk_01.png
  • C:\install\xk_02.png
  • C:\install\pack_bg.bmp
  • <SYSTEM32>\msres\skin\background\images\Thumbs.db
  • <SYSTEM32>\msres\skin\background\images\xk_02.png
  • <SYSTEM32>\msres\skin\bk\topbg.jpg
  • C:\install\xx.bmp
  • C:\install\xx.png
  • <SYSTEM32>\msres\skin\background\images\xx.png
  • C:\install\xz.png
  • <SYSTEM32>\msres\skin\background\images\xz.png
  • C:\install\yp.png
  • <SYSTEM32>\msres\skin\background\images\yp.png
  • C:\install\zip.png
  • C:\install\xk_03.png
  • <SYSTEM32>\msres\skin\background\images\xk_03.png
  • <SYSTEM32>\msres\skin\background\images\zip.png
  • <SYSTEM32>\msres\skin\background\images\xx.bmp
  • <SYSTEM32>\msres\skin\btn\btnclose.bmp
  • C:\install\close_1.bmp
  • <SYSTEM32>\msres\skin\btn\btnclose2.bmp
  • <SYSTEM32>\msres\skin\btn\dengji.png
  • C:\install\down.bmp
  • <SYSTEM32>\msres\skin\btn\down.bmp
  • C:\install\down1.bmp
  • <SYSTEM32>\msres\skin\btn\down1.bmp
  • C:\install\down2.bmp
  • <SYSTEM32>\msres\skin\btn\down2.bmp
  • <SYSTEM32>\msres\skin\btn\close_05.png
  • C:\install\gb_01.png
  • C:\install\gb_02.png
  • C:\install\dengji.png
  • <SYSTEM32>\msres\skin\btn\gb_02.png
  • <SYSTEM32>\msres\skin\btn\gb_03.png
  • C:\install\gx_01.bmp
  • <SYSTEM32>\msres\skin\btn\gx_01.bmp
  • C:\install\gx_02.bmp
  • <SYSTEM32>\msres\skin\btn\gx_02.bmp
  • C:\install\head_03.jpg
  • <SYSTEM32>\msres\skin\btn\head_03.jpg
  • <SYSTEM32>\msres\skin\btn\gb_01.png
  • C:\install\close_05.png
  • C:\install\btnclose1.bmp
  • C:\install\gb_03.png
  • <SYSTEM32>\msres\skin\btn\close_1.bmp
  • <SYSTEM32>\msres\skin\btn\close_03.png
  • C:\install\close_03.png
  • C:\install\btnclose3.bmp
  • <SYSTEM32>\msres\skin\btn\btnclose3.bmp
  • C:\install\btnmin.bmp
  • <SYSTEM32>\msres\skin\btn\btnmin.bmp
  • C:\install\btnmin1.bmp
  • <SYSTEM32>\msres\skin\btn\btnmin1.bmp
  • C:\install\btnmin2.bmp
  • <SYSTEM32>\msres\skin\btn\btnmin2.bmp
  • C:\install\btnmin3.bmp
  • C:\install\btnclose2.bmp
  • <SYSTEM32>\msres\skin\btn\btnmin3.bmp
  • <SYSTEM32>\msres\skin\btn\btnuser.bmp
  • C:\install\circul1.bmp
  • <SYSTEM32>\msres\skin\btn\circul1.bmp
  • C:\install\circul2.bmp
  • <SYSTEM32>\msres\skin\btn\circul2.bmp
  • C:\install\close1.bmp
  • <SYSTEM32>\msres\skin\btn\close1.bmp
  • C:\install\close2.bmp
  • <SYSTEM32>\msres\skin\btn\close2.bmp
  • <SYSTEM32>\msres\skin\background\images\sx_01.png
  • C:\install\btnuser.bmp
  • <SYSTEM32>\msres\skin\btn\btnclose1.bmp
  • <SYSTEM32>\msres\skin\background\images\wjj.png
  • C:\install\wjj.png
  • C:\install\sx_01.png
  • <SYSTEM32>\msres\skin\background\images\ss.png
  • C:\install\RunOnce.exe
  • <SYSTEM32>\msres\RunOnce.exe
  • C:\install\safeport.ytf
  • <SYSTEM32>\msres\safeport.ytf
  • C:\install\ScanOfficeDll.dll
  • <SYSTEM32>\msres\ScanOfficeDll.dll
  • C:\install\ScanWord.exe
  • C:\install\restoreKrl.log
  • C:\install\restoreKrl.dll
  • <SYSTEM32>\msres\ScanWord.exe
  • <SYSTEM32>\msres\RuiXing.ytf
  • C:\install\ScreenLock.exe
  • C:\install\SCW32.dll
  • <SYSTEM32>\msres\SCW32.dll
  • C:\install\SCW64.dll
  • <SYSTEM32>\msres\SCW64.dll
  • C:\install\sesys.sys
  • <SYSTEM32>\msres\sesys.sys
  • C:\install\Setup.exe
  • C:\install\screenlock.bmp
  • <SYSTEM32>\msres\screenlock.bmp
  • <SYSTEM32>\msres\PacketUpdate.dll
  • <SYSTEM32>\msres\ScreenLock.exe
  • C:\install\RuiXing.ytf
  • <SYSTEM32>\msres\restoreKrl.dll
  • <SYSTEM32>\msres\Reload.bat
  • <SYSTEM32>\msres\PLDevice.dll
  • <SYSTEM32>\msres\PLViewer.sys
  • C:\install\ProcMon.sys
  • <SYSTEM32>\ProcMon.sys
  • C:\install\procW.ytf
  • <SYSTEM32>\msres\procW.ytf
  • C:\install\rdf.ytf
  • <SYSTEM32>\msres\rdf.ytf
  • C:\install\rdt.ytf
  • <SYSTEM32>\msres\ParaSet.ytf
  • <SYSTEM32>\msres\rdt.ytf
  • <SYSTEM32>\msres\reg\delete.bat
  • C:\install\internet-h.bat
  • <SYSTEM32>\msres\reg\internet-h.bat
  • C:\install\internet-m.bat
  • <SYSTEM32>\msres\reg\internet-m.bat
  • C:\install\internet-mh.bat
  • <SYSTEM32>\msres\reg\internet-mh.bat
  • C:\install\regupfilt.sys
  • <DRIVERS>\regupfilt.sys
  • C:\install\Reload.bat
  • C:\install\delete.bat
  • <SYSTEM32>\msres\Setup.exe
  • C:\install\ShowMsg.exe
  • C:\install\ParaSet.ytf
  • C:\install\cwts_03.bmp
  • <SYSTEM32>\msres\skin\background\head_bk.bmp
  • <SYSTEM32>\msres\skin\background\images\qdan_01.png
  • C:\install\qdan_02.png
  • <SYSTEM32>\msres\skin\background\images\qdan_02.png
  • C:\install\qdan_03.png
  • <SYSTEM32>\msres\skin\background\images\qdan_03.png
  • C:\install\qxan1_09.jpg
  • <SYSTEM32>\msres\skin\background\images\qxan1_09.jpg
  • <SYSTEM32>\msres\skin\background\images\pdf.png
  • C:\install\qxan2_09.png
  • C:\install\qxan3_09.png
  • C:\install\qdan_01.png
  • <SYSTEM32>\msres\skin\background\images\qxan3_09.png
  • <SYSTEM32>\msres\skin\background\images\sc.png
  • C:\install\scyp_01.png
  • <SYSTEM32>\msres\skin\background\images\scyp_01.png
  • C:\install\scyp_02.png
  • <SYSTEM32>\msres\skin\background\images\scyp_02.png
  • C:\install\scyp_03.png
  • <SYSTEM32>\msres\skin\background\images\scyp_03.png
  • <SYSTEM32>\msres\skin\background\images\qxan2_09.png
  • <SYSTEM32>\msres\restoreKrl.log
  • C:\install\ss.png
  • C:\install\sc.png
  • <SYSTEM32>\msres\skin\background\images\ppt.png
  • C:\install\ppt.png
  • C:\install\pdf.png
  • C:\install\dh2_01.png
  • <SYSTEM32>\msres\skin\background\images\dh2_01.png
  • C:\install\dh_01.png
  • <SYSTEM32>\msres\skin\background\images\dh_01.png
  • C:\install\doc.png
  • <SYSTEM32>\msres\skin\background\images\doc.png
  • C:\install\down.png
  • <SYSTEM32>\msres\skin\background\images\down.png
  • <SYSTEM32>\msres\skin\background\cwts_03.bmp
  • C:\install\fswj_01.png
  • C:\install\fswj_02.png
  • <SYSTEM32>\msres\skin\background\images\fswj_02.png
  • C:\install\fswj_03.png
  • <SYSTEM32>\msres\skin\background\images\fswj_03.png
  • C:\install\gwxz.png
  • <SYSTEM32>\msres\skin\background\images\gwxz.png
  • C:\install\gxz.png
  • <SYSTEM32>\msres\skin\background\images\gxz.png
  • C:\install\jpg.png
  • <SYSTEM32>\msres\skin\background\images\jpg.png
  • <SYSTEM32>\msres\skin\background\images\fswj_01.png
  • C:\install\more.png
  • <SYSTEM32>\msres\skin\background\images\more.png
  • C:\install\head_bk.bmp
  • C:\log\Setup.log
Deletes the following files:
  • C:\install\0001E932
  • C:\install\ico5.png
  • C:\install\max_focu.bmp
  • C:\install\max_down.bmp
  • C:\install\LeftArrow.bmp
  • C:\install\InActiveCaption.bmp
  • C:\install\HorizontalThumb.bmp
  • C:\install\HeaderCtrlNormal.bmp
  • C:\install\FrameTopBorder.bmp
  • C:\install\FrameBorder.bmp
  • C:\install\FormViewBk.bmp
  • C:\install\exit_nor.bmp
  • C:\install\exit_foc.bmp
  • C:\install\exit_down.bmp
  • C:\install\DialogBk.bmp
  • C:\install\ActiveCaption.bmp
  • C:\install\wifi.png
  • C:\install\wifi-no.png
  • C:\install\usmall.png
  • C:\install\up.png
  • C:\install\jzai.gif
  • C:\install\ico_ture.png
  • C:\install\max_norm.bmp
  • C:\install\ico_force.png
  • C:\install\MenuFocus.bmp
  • C:\install\MenuItemDown.bmp
  • C:\install\new-loginbodybk.bmp
  • C:\install\res_focu.bmp
  • C:\install\res_down.bmp
  • C:\install\new-TabHeadBtn.bmp
  • C:\install\new-TabHeadBk.bmp
  • C:\install\new-res_down.bmp
  • C:\install\new-okbk.bmp
  • C:\install\new-min_norm.bmp
  • C:\install\new-MenuItemBack.bmp
  • C:\install\new-menubt.bmp
  • C:\install\new-logintitlebk.bmp
  • C:\install\new-exit_nor.bmp
  • C:\install\box_3.bmp
  • C:\install\new-cancelbk.bmp
  • C:\install\new-BtnRight.bmp
  • C:\install\new-BtnMid.bmp
  • C:\install\new-BtnLeft.bmp
  • C:\install\new-BarExpand.bmp
  • C:\install\min_norm.bmp
  • C:\install\min_focu.bmp
  • C:\install\min_down.bmp
  • C:\install\MenuDown.bmp
  • C:\install\ico6.png
  • C:\install\ico4.png
  • C:\install\ico3.png
  • C:\install\uploadbt_3.bmp
  • C:\install\up.bmp
  • C:\install\sz_03.png
  • C:\install\sz_02.png
  • C:\install\sz_01.png
  • C:\install\sx_03.png
  • C:\install\sx_02.png
  • C:\install\sendbt_3.bmp
  • C:\install\sendbt_2.bmp
  • C:\install\sendbt_1.bmp
  • C:\install\select_fan2.bmp
  • C:\install\select_fan.bmp
  • C:\install\select_all2.bmp
  • C:\install\select_all.bmp
  • C:\install\repair2.bmp
  • C:\install\repair.bmp
  • C:\install\refreshbt_1.bmp
  • C:\install\qhdl_04.bmp
  • C:\install\qhdl_03.bmp
  • C:\install\qhdl_02.bmp
  • C:\install\qhdl_01.bmp
  • C:\install\uploadbt_1.bmp
  • C:\install\userchange_01.bmp
  • C:\install\ico1.png
  • C:\install\userchange_03.bmp
  • C:\install\ico2.png
  • C:\install\userchange_02.bmp
  • C:\install\yundisk.bmp
  • C:\install\wjj.bmp
  • C:\install\safedisk.bmp
  • C:\install\ppt.bmp
  • C:\install\pdf.bmp
  • C:\install\jpg.bmp
  • C:\install\doc.bmp
  • C:\install\dir_splite.bmp
  • C:\install\preview2.bmp
  • C:\install\dir_bk.bmp
  • C:\install\dir.bmp
  • C:\install\box_2.bmp
  • C:\install\box_1.bmp
  • C:\install\zhuce.png
  • C:\install\yj_02.bmp
  • C:\install\yj_01.bmp
  • C:\install\xx_03.bmp
  • C:\install\xx_02.bmp
  • C:\install\xx_01.bmp
  • C:\install\userregclose.png
  • C:\install\res_norm.bmp
  • C:\install\uploadbt_2.bmp
  • C:\install\RightArrow.bmp
  • C:\install\trayicon.exe
  • C:\install\wni.ytf
  • C:\install\WinSecCheck112.exe
  • C:\install\WinRaw.dll
  • C:\install\wininit.exe
  • C:\install\WifiPolicyDLL.dll
  • C:\install\WebMailData.ytf
  • C:\install\vssver2.scc
  • C:\install\VSetup.exe
  • C:\install\VSCommon.dll
  • C:\install\VSComLib.dll
  • C:\install\viewRect64.dll
  • C:\install\viewrect.dll
  • C:\install\ViewC.pdb
  • C:\install\ViewC.map
  • C:\install\ViewC.dll
  • C:\install\vgwdrv.sys
  • C:\install\vgwdrv.inf
  • C:\install\vgwdrv.dll
  • C:\install\vfsd_fre_wxp_x86.sys
  • C:\install\vfsd_fre_wnet_x86.sys
  • C:\install\vfsd_fre_wnet_AMD64.sys
  • C:\install\vfsd_fre_wlh_AMD64.sys
  • C:\install\vfsd_fre_wlh_x86.sys
  • C:\install\IEShims.dll
  • C:\install\msvcr10064.dll
  • C:\install\YTShellExt64.dll
  • C:\install\YTShellExt32.dll
  • C:\install\YTFunDll64.dll
  • C:\install\YTFunDll32.dll
  • C:\install\ytDisk2_64.sys
  • C:\install\ytDisk2_32.sys
  • C:\install\ytdisk.sys
  • C:\install\xfnet.dll
  • C:\install\XFMainTh.dll
  • C:\install\ytrest.sys
  • C:\install\YtMiniFilter.sys
  • C:\install\vfsd_fre_win7_x86_win10.sys
  • C:\install\YtMiniFilter.inf
  • C:\install\ytdisk64.sys
  • C:\install\VSetup64.exe
  • C:\install\vgwdrvx64.cat
  • C:\install\vgwdrv64.sys
  • C:\install\vgwdrv64.inf
  • C:\install\vgwdrv64.dll
  • C:\install\USBUpper64.sys
  • C:\install\sesys64.sys
  • C:\install\ProcMon64.sys
  • C:\install\vfsd_fre_win7_x86_win10_old.sys
  • C:\install\vfsd_fre_win7_x86.sys
  • C:\install\ppt.png
  • C:\install\TurboDLL.dll
  • C:\install\TaskKeyHook.dll
  • C:\install\SystemInfo.dll
  • C:\install\sysaid.exe
  • C:\install\svchost.exe
  • C:\install\StopLog.bat
  • C:\install\ssleay32.dll
  • C:\install\sqlite3.dll
  • C:\install\Special.ini
  • C:\install\SockLink.dll
  • C:\install\SMSS.exe
  • C:\install\slientInstall.ini
  • C:\install\ViewBk.bmp
  • C:\install\ToolBarFocus.bmp
  • C:\install\ToolBarBack.bmp
  • C:\install\TabRightSel.bmp
  • C:\install\TabRight.bmp
  • C:\install\TabMidSel.bmp
  • C:\install\TabMid.bmp
  • C:\install\TabLeftSel.bmp
  • C:\install\TabLeft.bmp
  • C:\install\ufsd32.dll
  • C:\install\ufsd64.dll
  • C:\install\vfsd_fre_win7_AMD64_win10_old.sys
  • C:\install\UserCtrl64.dll
  • C:\install\Microsoft.WindowsAPICodePack.dll
  • C:\install\vfsd_fre_win7_AMD64_win10.sys
  • C:\install\vfsd_fre_win7_AMD64.sys
  • C:\install\VerCtrl.dll
  • C:\install\VirtualDesktop.exe
  • C:\install\Util.dll
  • C:\install\UserInfo.ini
  • C:\install\PluginInfo.xml
  • C:\install\config.ini
  • C:\install\Microsoft.WindowsAPICodePack.Shell.dll
  • C:\install\skin.ini
  • C:\install\ScrollBarBk.bmp
  • C:\install\TaskSend.dll
  • C:\install\USBUpper.sys
  • C:\install\USBManage.dll
  • C:\install\Update.ytf
  • C:\install\UnPack.exe
  • C:\install\UnicodeDLL.dll
  • C:\install\ufsdicon64.dll
  • C:\install\ufsdicon32.dll
  • C:\install\UfsdCrypto64.dll
  • C:\install\UfsdCrypto32.dll
  • C:\install\UserCtrl32.dll
  • C:\install\preview1.bmp
  • C:\install\myfix_2.bmp
  • C:\install\myfix.bmp
  • C:\install\iconTray.ico
  • C:\install\mspm32.dll
  • C:\install\msnet64.dll
  • C:\install\MsgTrack.dll
  • C:\install\msch64.dll
  • C:\install\msch.dll
  • C:\install\MFrame.dll
  • C:\install\MANC.exe
  • C:\install\LocalSet.ytf
  • C:\install\local.ini
  • C:\install\libsedisk.dll
  • C:\install\libeay32.dll
  • C:\install\LanMap.dll
  • C:\install\KsSafeApi.dll
  • C:\install\itp.ytf
  • C:\install\IpTrack.dll
  • C:\install\InstallEx.exe
  • C:\install\inspect32.exe
  • C:\install\InjectDll32.exe
  • C:\install\ImageLib.dll
  • C:\install\IJL15.dll
  • C:\install\MSSF64.dll
  • C:\install\msproc.dll
  • C:\install\az.bat
  • C:\install\ica.ytf
  • C:\install\PacketUpdate.dll
  • C:\install\NewLockDesk.dll
  • C:\install\newicon.ico
  • C:\install\NetW.ytf
  • C:\install\NetTran.dll
  • C:\install\NetOp.dll
  • C:\install\NetJMFile64.dll
  • C:\install\NetJMFile32.dll
  • C:\install\NetClass.dll
  • C:\install\NetBase.dll
  • C:\install\xz.bat
  • C:\install\ProcMon.sys
  • C:\install\snetcfg.exe
  • C:\install\PLViewer.sys
  • C:\install\PLViewer.rar
  • C:\install\PLViewer.dll
  • C:\install\PLViewer-bak.sys
  • C:\install\PLViewer-12.9.sys
  • C:\install\netsf_m.inf
  • C:\install\netsf.inf
  • C:\install\msvcr100.dll
  • C:\install\ParaSet.ytf
  • C:\install\HKSock64.dll
  • C:\install\HKSock32.dll
  • C:\install\ExcelFunDll.dll
  • C:\install\EncryptGUI.exe
  • C:\install\DlgManage.dll
  • C:\install\DirMain.exe
  • C:\install\DeviceManage.dll
  • C:\install\curlUpload.dll
  • C:\install\riben.ytf
  • C:\install\localsoft.dat
  • C:\install\CommonFunDll.dll
  • C:\install\ComFun.dll
  • C:\install\ClientTool.exe
  • C:\install\CJ60Lib.dll
  • C:\install\change.dll
  • C:\install\BeginLog.bat
  • C:\install\AssistantThC.dll
  • C:\install\AnsiDLL.dll
  • C:\install\AdoBase.dll
  • C:\install\8021xClient.dll
  • C:\install\8021xClient-autocheck.dll
  • C:\install\setuptool.exe
  • C:\install\exit.bat
  • C:\install\new.doc
  • C:\install\new.ppt
  • C:\install\EncryptGUI_bak.exe
  • C:\install\new.xls
  • C:\install\GUI.dll
  • C:\install\HKForbit.dll
  • C:\install\GlobalUserCtrl64.dll
  • C:\install\GlobalUserCtrl32.dll
  • C:\install\GFunLib64.dll
  • C:\install\GFunLib32.dll
  • C:\install\GetPassx86.exe
  • C:\install\GetPassx64.exe
  • C:\install\FSHost64.exe
  • C:\install\FSHost32.exe
  • C:\install\PLDevice.dll
  • C:\install\PLViewer_lima1.sys
  • C:\install\FSConfig.ytf
  • C:\install\stop.bat
  • C:\install\run_c.bat
  • C:\install\run.bat
  • C:\install\readme.txt
  • C:\install\filedisk.sys
  • C:\install\filedisk.reg
  • C:\install\filedisk.exe
  • C:\install\Thumbs.db
  • C:\install\sysimg.img
  • C:\install\finger.dat
  • C:\install\FileTransport.dll
  • C:\install\mspm64.dll
  • C:\install\procW.ytf
  • C:\install\btnclose.bmp
  • C:\install\btnclose2.bmp
  • C:\install\topbg.jpg
  • C:\install\mapbg.png
  • C:\install\blue_bk.jpg
  • C:\install\userreg3.png
  • C:\install\userreg2.png
  • C:\install\userreg.png
  • C:\install\userchange_bk.bmp
  • C:\install\search.bmp
  • C:\install\seachnone.bmp
  • C:\install\pack_head2.bmp
  • C:\install\pack_head1.bmp
  • C:\install\pack_bg.bmp
  • C:\install\zip.png
  • C:\install\yp.png
  • C:\install\xz.png
  • C:\install\xx.png
  • C:\install\xx.bmp
  • C:\install\xk_03.png
  • C:\install\xk_02.png
  • C:\install\xk_01.png
  • C:\install\btnclose3.bmp
  • C:\install\btnmin.bmp
  • C:\install\min.bmp
  • C:\install\close_1.bmp
  • C:\install\dengji.png
  • C:\install\head_03.jpg
  • C:\install\gx_02.bmp
  • C:\install\gx_01.bmp
  • C:\install\gb_03.png
  • C:\install\gb_02.png
  • C:\install\gb_01.png
  • C:\install\down2.bmp
  • C:\install\down1.bmp
  • C:\install\down.bmp
  • C:\install\btnclose1.bmp
  • C:\install\wp.png
  • C:\install\rdf.ytf
  • C:\install\close_03.png
  • C:\install\close2.bmp
  • C:\install\close1.bmp
  • C:\install\circul2.bmp
  • C:\install\circul1.bmp
  • C:\install\btnuser.bmp
  • C:\install\btnmin3.bmp
  • C:\install\btnmin2.bmp
  • C:\install\btnmin1.bmp
  • C:\install\close_05.png
  • C:\install\ytrest.inf
  • C:\install\zip.dll
  • C:\install\sx_01.png
  • C:\install\Setup.exe
  • C:\install\sesys.sys
  • C:\install\SCW64.dll
  • C:\install\SCW32.dll
  • C:\install\ScreenLock.exe
  • C:\install\screenlock.bmp
  • C:\install\ScanWord.exe
  • C:\install\ScanOfficeDll.dll
  • C:\install\safeport.ytf
  • C:\install\RunOnce.exe
  • C:\install\RuiXing.ytf
  • C:\install\restoreKrl.log
  • C:\install\restoreKrl.dll
  • C:\install\Reload.bat
  • C:\install\regupfilt.sys
  • C:\install\internet-mh.bat
  • C:\install\internet-m.bat
  • C:\install\internet-h.bat
  • C:\install\delete.bat
  • C:\install\rdt.ytf
  • C:\install\cwts_03.bmp
  • C:\install\head_bk.bmp
  • C:\install\ShowMsg.exe
  • C:\install\dh2_01.png
  • C:\install\ss.png
  • C:\install\dh_01.png
  • C:\install\scyp_03.png
  • C:\install\scyp_02.png
  • C:\install\scyp_01.png
  • C:\install\sc.png
  • C:\install\qxan3_09.png
  • C:\install\qxan2_09.png
  • C:\install\qxan1_09.jpg
  • C:\install\qdan_03.png
  • C:\install\qdan_02.png
  • C:\install\wj_01.png
  • C:\install\wjj.png
  • C:\install\pdf.png
  • C:\install\more.png
  • C:\install\jpg.png
  • C:\install\gxz.png
  • C:\install\gwxz.png
  • C:\install\fswj_03.png
  • C:\install\fswj_02.png
  • C:\install\fswj_01.png
  • C:\install\down.png
  • C:\install\doc.png
  • C:\install\qdan_01.png
  • C:\install\0002B429
Substitutes the following files:
  • C:\install\filedisk.exe
  • C:\install\YtMiniFilter.sys
  • C:\install\YtMiniFilter.inf
  • C:\install\setuptool.exe
  • C:\install\skin.ini
  • C:\install\search.bmp
  • C:\install\down.bmp
  • C:\install\sx_01.png
  • C:\install\Thumbs.db
  • C:\install\snetcfg.exe
  • C:\install\PLViewer.sys
  • C:\install\PLViewer.dll
  • C:\install\PLViewer-12.9.sys
  • C:\install\netsf_m.inf
  • C:\install\netsf.inf
  • C:\install\stop.bat
  • C:\install\run_c.bat
  • C:\install\run.bat
  • C:\install\filedisk.sys
  • C:\install\filedisk.reg
  • C:\install\ytrest.inf
  • C:\install\ytrest.sys
Miscellaneous:
Searches for the following windows:
  • ClassName: 'EDIT' WindowName: ''
Creates and executes the following:
  • '<Current directory>\ClientSetup.exe'
  • '<SYSTEM32>\msres\Setup.exe' /Serv

Curing recommendations

  1. If the operating system (OS) can be loaded (either normally or in safe mode), download Dr.Web Security Space and run a full scan of your computer and removable media you use. More about Dr.Web Security Space.
  2. If you cannot boot the OS, change the BIOS settings to boot your system from a CD or USB drive. Download the image of the emergency system repair disk Dr.Web® LiveDisk , mount it on a USB drive or burn it to a CD/DVD. After booting up with this media, run a full scan and cure all the detected threats.
Free trial

 

Download Dr.Web

Download by serial number

Use Dr.Web Anti-virus for macOS to run a full scan of your Mac.

Free trial

 

Download Dr.Web

Download by serial number

Download on App Store

After booting up, run a full scan of all disk partitions with Dr.Web Anti-virus for Linux.

Free trial

 

Download Dr.Web

Download by serial number

  1. If the mobile device is operating normally, download and install Dr.Web for Android. Run a full system scan and follow recommendations to neutralize the detected threats.
  2. If the mobile device has been locked by Android.Locker ransomware (the message on the screen tells you that you have broken some law or demands a set ransom amount; or you will see some other announcement that prevents you from using the handheld normally), do the following:
    • Load your smartphone or tablet in the safe mode (depending on the operating system version and specifications of the particular mobile device involved, this procedure can be performed in various ways; seek clarification from the user guide that was shipped with the device, or contact its manufacturer);
    • Once you have activated safe mode, install the Dr.Web for Android onto the infected handheld and run a full scan of the system; follow the steps recommended for neutralizing the threats that have been detected;
    • Switch off your device and turn it on as normal.

Find out more about Dr.Web for Android

Free trial

14 days

Download now
Get it on Google Play