Trojan.MulDrop11.19217

Added to the Dr.Web virus database: 2019-10-06

Virus description added:

Technical Information

Malicious functions
Modifies settings of Windows Internet Explorer
  • [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1] '1406' = '00000000'
Modifies file system
Creates the following files
Deletes the following files
  • %TEMP%\nsoe79a.tmp\modern-header.bmp
  • %TEMP%\nsoe79a.tmp\system.dll
  • %TEMP%\res2587.tmp
  • %TEMP%\csc2509.tmp
  • %TEMP%\c1xkamx_.cmdline
  • %TEMP%\c1xkamx_.out
  • %TEMP%\c1xkamx_.dll
  • %TEMP%\c1xkamx_.0.cs
  • %TEMP%\c1xkamx_.pdb
Network activity
UDP
  • DNS ASK al##ont.ru
  • DNS ASK au##.drp.su
Miscellaneous
Searches for the following windows
  • ClassName: 'MS_AutodialMonitor' WindowName: ''
  • ClassName: 'MS_WebCheckMonitor' WindowName: ''
  • ClassName: 'HTML Application Host Window Class' WindowName: ''
Creates and executes the following
  • '%WINDIR%\syswow64\windowspowershell\v1.0\powershell.exe' -NonInteractive -NoLogo -NoProfile -ExecutionPolicy Bypass "Get-Content '%APPDATA%\DRPSu\temp\ps.k1oaadhv.px4b0.cmd.txt' -Wait | Invoke-Expression"
  • '%WINDIR%\syswow64\cmd.exe' /C powershell -NonInteractive -NoLogo -NoProfile -ExecutionPolicy Bypass "Get-Content '%APPDATA%\DRPSu\temp\ps.k1oaadhv.px4b0.cmd.txt' -Wait | Invoke-Expression" > "%APPDATA%\DRPSu\temp\ps.k1oa...' (with hidden window)
  • '%WINDIR%\microsoft.net\framework\v2.0.50727\csc.exe' /noconfig /fullpaths @"%TEMP%\c1xkamx_.cmdline"' (with hidden window)
  • '%WINDIR%\microsoft.net\framework\v2.0.50727\cvtres.exe' /NOLOGO /READONLY /MACHINE:IX86 "/OUT:%TEMP%\RES2587.tmp" "%TEMP%\CSC2509.tmp"' (with hidden window)
Executes the following
  • '%WINDIR%\syswow64\reg.exe' import "%TEMP%\DriverPack-20191012180134\Tools\patch.reg"
  • '%WINDIR%\syswow64\mshta.exe' "%TEMP%\DriverPack-20191012180134\run.hta" --sfx "<File name>.exe"
  • '%WINDIR%\syswow64\cmd.exe' /C powershell -NonInteractive -NoLogo -NoProfile -ExecutionPolicy Bypass "Get-Content '%APPDATA%\DRPSu\temp\ps.k1oaadhv.px4b0.cmd.txt' -Wait | Invoke-Expression" > "%APPDATA%\DRPSu\temp\ps.k1oa...
  • '%WINDIR%\microsoft.net\framework\v2.0.50727\csc.exe' /noconfig /fullpaths @"%TEMP%\c1xkamx_.cmdline"
  • '%WINDIR%\microsoft.net\framework\v2.0.50727\cvtres.exe' /NOLOGO /READONLY /MACHINE:IX86 "/OUT:%TEMP%\RES2587.tmp" "%TEMP%\CSC2509.tmp"

Curing recommendations

  1. If the operating system (OS) can be booted (either normally or in safe mode), download Dr.Web Security Space and run a full scan of your computer and of any removable media you use.
  2. If you cannot boot the OS, change the BIOS settings to boot your system from a CD or USB drive. Download the image of the emergency system repair disk Dr.Web® LiveDisk, write it to a USB drive or burn it to a CD/DVD. After booting from this media, run a full scan and cure all the detected threats.