ユーザー向け情報

閉じる

マイライブラリ
マイライブラリ

+ マイライブラリに追加

検索
検索

電話
テクニカルサポート利用方法

問い合わせ

新規お問い合わせ

電話(英語)

+7 (495) 789-45-86

フォーラム(英語)

お問い合わせ履歴

新規お問い合わせ

電話(英語)

+7 (495) 789-45-86

Profile

JP

RU CN DE EN ES FR IT JP KZ UZ PL BY
閉じる
サービス
スキャナー
Dr.Web vxCube
トライアル
ウイルスライブラリ
ナレッジベース

テクノロジー

用語

トレーニングコースおよび啓蒙プロジェクト

アンチウイルスに関する誤解と噂

ニュース

Trojan.AVKill.22706

Added to the Dr.Web virus database: 2012-09-09

Virus description added:

Technical Information

To ensure autorun and distribution:
Modifies the following registry keys:
  • [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'EXPLORER' = '%WINDIR%\explorеr.exe'
Malicious functions:
Executes the following:
  • <SYSTEM32>\tskill.exe pfwadmin
  • <SYSTEM32>\tskill.exe pingscan
  • <SYSTEM32>\tskill.exe platin
  • <SYSTEM32>\tskill.exe pf2
  • <SYSTEM32>\tskill.exe pcscan
  • <SYSTEM32>\tskill.exe periscope
  • <SYSTEM32>\tskill.exe persfw
  • <SYSTEM32>\tskill.exe pop3trap
  • <SYSTEM32>\tskill.exe pptbc
  • <SYSTEM32>\tskill.exe ppvstop
  • <SYSTEM32>\tskill.exe processmonitor
  • <SYSTEM32>\tskill.exe ppinupdt
  • <SYSTEM32>\tskill.exe poproxy
  • <SYSTEM32>\tskill.exe portdetective
  • <SYSTEM32>\tskill.exe portmonitor
  • <SYSTEM32>\tskill.exe pavsched
  • <SYSTEM32>\tskill.exe pavw
  • <SYSTEM32>\tskill.exe pc -cillan
  • <SYSTEM32>\tskill.exe pavproxy
  • <SYSTEM32>\tskill.exe panixk
  • <SYSTEM32>\tskill.exe pav
  • <SYSTEM32>\tskill.exe pavcl
  • <SYSTEM32>\tskill.exe pc -cillin
  • <SYSTEM32>\tskill.exe pccwin97
  • <SYSTEM32>\tskill.exe pccwin98
  • <SYSTEM32>\tskill.exe pcfwallicon
  • <SYSTEM32>\tskill.exe pccntmon
  • <SYSTEM32>\tskill.exe pccclient
  • <SYSTEM32>\tskill.exe pccguide
  • <SYSTEM32>\tskill.exe pcciomon
  • <SYSTEM32>\tskill.exe safeweb
  • <SYSTEM32>\tskill.exe sbserv
  • <SYSTEM32>\tskill.exe SBservice
  • <SYSTEM32>\tskill.exe rulaunch
  • <SYSTEM32>\tskill.exe rrguard
  • <SYSTEM32>\tskill.exe rshell
  • <SYSTEM32>\tskill.exe rtvscn95
  • <SYSTEM32>\tskill.exe scan
  • <SYSTEM32>\tskill.exe sd
  • <SYSTEM32>\tskill.exe SENS
  • <SYSTEM32>\tskill.exe serv95
  • <SYSTEM32>\tskill.exe scrscan
  • <SYSTEM32>\tskill.exe scan32
  • <SYSTEM32>\tskill.exe scan95
  • <SYSTEM32>\tskill.exe scanpm
  • <SYSTEM32>\tskill.exe pspf
  • <SYSTEM32>\tskill.exe purge
  • <SYSTEM32>\tskill.exe pview95
  • <SYSTEM32>\tskill.exe protectx
  • <SYSTEM32>\tskill.exe procexplorerv10#
  • <SYSTEM32>\tskill.exe programauditor
  • <SYSTEM32>\tskill.exe proport
  • <SYSTEM32>\tskill.exe pw32
  • <SYSTEM32>\tskill.exe realmon
  • <SYSTEM32>\tskill.exe regrun2
  • <SYSTEM32>\tskill.exe rescue
  • <SYSTEM32>\tskill.exe rav7win
  • <SYSTEM32>\tskill.exe qconsole
  • <SYSTEM32>\tskill.exe rav
  • <SYSTEM32>\tskill.exe rav7
  • <SYSTEM32>\tskill.exe pandaav
  • <SYSTEM32>\tskill.exe nisum
  • <SYSTEM32>\tskill.exe nisumnisservnisum
  • <SYSTEM32>\tskill.exe nmain
  • <SYSTEM32>\tskill.exe nisserv
  • <SYSTEM32>\tskill.exe netutils
  • <SYSTEM32>\tskill.exe netutils]
  • <SYSTEM32>\tskill.exe nimda
  • <SYSTEM32>\tskill.exe nod32
  • <SYSTEM32>\tskill.exe normanav
  • <SYSTEM32>\tskill.exe normist
  • <SYSTEM32>\tskill.exe norton
  • <SYSTEM32>\tskill.exe norman32
  • <SYSTEM32>\tskill.exe norman
  • <SYSTEM32>\tskill.exe norman_32
  • <SYSTEM32>\tskill.exe norman_av
  • <SYSTEM32>\tskill.exe neowatchlog
  • <SYSTEM32>\tskill.exe net2000
  • <SYSTEM32>\tskill.exe netarmor
  • <SYSTEM32>\tskill.exe neomonitor
  • <SYSTEM32>\tskill.exe Navwnt
  • <SYSTEM32>\tskill.exe nc2000
  • <SYSTEM32>\tskill.exe ndd32
  • <SYSTEM32>\tskill.exe netcommando
  • <SYSTEM32>\tskill.exe netscanpro
  • <SYSTEM32>\tskill.exe netspyhunter -1.2
  • <SYSTEM32>\tskill.exe netstat
  • <SYSTEM32>\tskill.exe netprotect
  • <SYSTEM32>\tskill.exe netinfo
  • <SYSTEM32>\tskill.exe netmon
  • <SYSTEM32>\tskill.exe netpro
  • <SYSTEM32>\tskill.exe nvarch16
  • <SYSTEM32>\tskill.exe nvc95
  • <SYSTEM32>\tskill.exe nvsvc32
  • <SYSTEM32>\tskill.exe nupgrade
  • <SYSTEM32>\tskill.exe ntvdm
  • <SYSTEM32>\tskill.exe ntxconfig
  • <SYSTEM32>\tskill.exe nui
  • <SYSTEM32>\tskill.exe nwservice
  • <SYSTEM32>\tskill.exe outpost
  • <SYSTEM32>\tskill.exe padmin
  • <SYSTEM32>\tskill.exe panda
  • <SYSTEM32>\tskill.exe ostronet
  • <SYSTEM32>\tskill.exe nwtool16
  • <SYSTEM32>\tskill.exe offguard
  • <SYSTEM32>\tskill.exe OPScan
  • <SYSTEM32>\tskill.exe npfmessenger
  • <SYSTEM32>\tskill.exe npfw
  • <SYSTEM32>\tskill.exe npfw32
  • <SYSTEM32>\tskill.exe notstart
  • <SYSTEM32>\tskill.exe Norton Auto-Protect
  • <SYSTEM32>\tskill.exe norton_av
  • <SYSTEM32>\tskill.exe nortonav
  • <SYSTEM32>\tskill.exe nprotect
  • <SYSTEM32>\tskill.exe nschednt
  • <SYSTEM32>\tskill.exe nsplugin
  • <SYSTEM32>\tskill.exe ntrtscan
  • <SYSTEM32>\tskill.exe nsched32
  • <SYSTEM32>\tskill.exe npscheck
  • <SYSTEM32>\tskill.exe npssvc
  • <SYSTEM32>\tskill.exe nresq32
  • <SYSTEM32>\tskill.exe vshwin32
  • <SYSTEM32>\tskill.exe vshwin32vbcmserv
  • <SYSTEM32>\tskill.exe vsmain
  • <SYSTEM32>\tskill.exe vsecomr
  • <SYSTEM32>\tskill.exe vptray
  • <SYSTEM32>\tskill.exe vscan40
  • <SYSTEM32>\tskill.exe vsched
  • <SYSTEM32>\tskill.exe vsmon
  • <SYSTEM32>\tskill.exe watchdog
  • <SYSTEM32>\tskill.exe webscanx
  • <SYSTEM32>\tskill.exe webtrap
  • <SYSTEM32>\tskill.exe w9x
  • <SYSTEM32>\tskill.exe vsstat
  • <SYSTEM32>\tskill.exe vswin9xe
  • <SYSTEM32>\tskill.exe vswinntse
  • <SYSTEM32>\tskill.exe vcontrol
  • <SYSTEM32>\tskill.exe vet32
  • <SYSTEM32>\tskill.exe vet95
  • <SYSTEM32>\tskill.exe vccmserv
  • <SYSTEM32>\tskill.exe vbust
  • <SYSTEM32>\tskill.exe vbwin9x
  • <SYSTEM32>\tskill.exe vbwinntw
  • <SYSTEM32>\tskill.exe vettray
  • <SYSTEM32>\tskill.exe vnpc3000
  • <SYSTEM32>\tskill.exe vpc32
  • <SYSTEM32>\tskill.exe vpfw30s
  • <SYSTEM32>\tskill.exe vnlan300
  • <SYSTEM32>\tskill.exe vir -help
  • <SYSTEM32>\tskill.exe virus
  • <SYSTEM32>\tskill.exe virusmdpersonalfirewall
  • <SYSTEM32>\tskill.exe ashAvast
  • <SYSTEM32>\tskill.exe ashBug
  • <SYSTEM32>\tskill.exe ashDisp
  • <SYSTEM32>\tskill.exe ashSimpl
  • <SYSTEM32>\tskill.exe zauinst
  • <SYSTEM32>\tskill.exe zonealarm
  • <SYSTEM32>\tskill.exe
  • <SYSTEM32>\tskill.exe ashSimp2
  • <SYSTEM32>\tskill.exe AVASTSS
  • <SYSTEM32>\tskill.exe ashSkPcc
  • <SYSTEM32>\tskill.exe aswRegSvr
  • <SYSTEM32>\tskill.exe aswUpdSv
  • <SYSTEM32>\tskill.exe ashUpd
  • <SYSTEM32>\tskill.exe ashServ
  • <SYSTEM32>\tskill.exe ashChest
  • <SYSTEM32>\tskill.exe winrecon
  • <SYSTEM32>\tskill.exe winroute
  • <SYSTEM32>\tskill.exe winsfcm
  • <SYSTEM32>\tskill.exe wimmun32
  • <SYSTEM32>\tskill.exe wfindv32
  • <SYSTEM32>\tskill.exe wgfe95
  • <SYSTEM32>\tskill.exe whoswatchingme
  • <SYSTEM32>\tskill.exe wnt
  • <SYSTEM32>\tskill.exe wyvernworksfirewall
  • <SYSTEM32>\tskill.exe zapro
  • <SYSTEM32>\tskill.exe zatutor
  • <SYSTEM32>\tskill.exe wsbgate
  • <SYSTEM32>\tskill.exe wqkmm3878
  • <SYSTEM32>\tskill.exe wradmin
  • <SYSTEM32>\tskill.exe wrctrl
  • <SYSTEM32>\tskill.exe vbcons
  • <SYSTEM32>\tskill.exe /pid=5648
  • <SYSTEM32>\tskill.exe supp95
  • <SYSTEM32>\tskill.exe supporter5
  • <SYSTEM32>\tskill.exe st2
  • <SYSTEM32>\tskill.exe /pid=5848
  • <SYSTEM32>\tskill.exe srwatch
  • <SYSTEM32>\tskill.exe ss3edit
  • <SYSTEM32>\tskill.exe sweep95
  • <SYSTEM32>\tskill.exe /pid=5888
  • <SYSTEM32>\tskill.exe swnetsup
  • <SYSTEM32>\tskill.exe symantec
  • <SYSTEM32>\tskill.exe sweepsrv.sysvshwin32
  • <SYSTEM32>\tskill.exe /pid=5292
  • <SYSTEM32>\tskill.exe sweepnet
  • <SYSTEM32>\tskill.exe sweepsrv.sys
  • <SYSTEM32>\tskill.exe sofi
  • <SYSTEM32>\tskill.exe sophos
  • <SYSTEM32>\tskill.exe sophos_av
  • <SYSTEM32>\tskill.exe shn
  • <SYSTEM32>\tskill.exe sfc
  • <SYSTEM32>\tskill.exe sh
  • <SYSTEM32>\tskill.exe sharedaccess
  • <SYSTEM32>\tskill.exe sophosav
  • <SYSTEM32>\tskill.exe spygate
  • <SYSTEM32>\tskill.exe spyx
  • <SYSTEM32>\tskill.exe spyxx
  • <SYSTEM32>\tskill.exe spy
  • <SYSTEM32>\tskill.exe /pid=5236
  • <SYSTEM32>\tskill.exe spf
  • <SYSTEM32>\tskill.exe sphinx
  • <SYSTEM32>\tskill.exe tfak5
  • <SYSTEM32>\tskill.exe tgbob
  • <SYSTEM32>\tskill.exe titanin
  • <SYSTEM32>\tskill.exe tfak
  • <SYSTEM32>\tskill.exe tds -3
  • <SYSTEM32>\tskill.exe tds2 -98
  • <SYSTEM32>\tskill.exe tds2 -nt
  • <SYSTEM32>\tskill.exe titaninxp
  • <SYSTEM32>\tskill.exe undoboot
  • <SYSTEM32>\tskill.exe update
  • <SYSTEM32>\tskill.exe vbcmserv
  • <SYSTEM32>\tskill.exe TrueVector
  • <SYSTEM32>\tskill.exe trendmicro
  • <SYSTEM32>\tskill.exe trjscan
  • <SYSTEM32>\tskill.exe trojantrap3
  • <SYSTEM32>\tskill.exe symproxysvc
  • <SYSTEM32>\tskill.exe symtray
  • <SYSTEM32>\tskill.exe sysedit
  • <SYSTEM32>\tskill.exe symlcsvc
  • <SYSTEM32>\tskill.exe /pid=5808
  • <SYSTEM32>\tskill.exe Symantec Core LC
  • <SYSTEM32>\tskill.exe /pid=5388
  • <SYSTEM32>\tskill.exe taskmon
  • <SYSTEM32>\tskill.exe tca
  • <SYSTEM32>\tskill.exe tcm
  • <SYSTEM32>\tskill.exe tctca
  • <SYSTEM32>\tskill.exe tc
  • <SYSTEM32>\tskill.exe taumon
  • <SYSTEM32>\tskill.exe tauscan
  • <SYSTEM32>\tskill.exe tbscan
  • <SYSTEM32>\tskill.exe blackice
  • <SYSTEM32>\tskill.exe blackiceblackd
  • <SYSTEM32>\tskill.exe BootWarn
  • <SYSTEM32>\tskill.exe blackd
  • <SYSTEM32>\tskill.exe bidserver
  • <SYSTEM32>\tskill.exe bipcp
  • <SYSTEM32>\tskill.exe bisp
  • <SYSTEM32>\tskill.exe borg2
  • <SYSTEM32>\tskill.exe ccIMScan
  • <SYSTEM32>\tskill.exe ccPwdSrc
  • <SYSTEM32>\tskill.exe ccpxysvc
  • <SYSTEM32>\tskill.exe ccevtmgr
  • <SYSTEM32>\tskill.exe bs120
  • <SYSTEM32>\tskill.exe bullguard
  • <SYSTEM32>\tskill.exe ccApp
  • <SYSTEM32>\tskill.exe avxinit
  • <SYSTEM32>\tskill.exe avxlive
  • <SYSTEM32>\tskill.exe avxmonitor9x
  • <SYSTEM32>\tskill.exe avxgui
  • <SYSTEM32>\tskill.exe avwin95
  • <SYSTEM32>\tskill.exe avwinnt
  • <SYSTEM32>\tskill.exe avwupd32
  • <SYSTEM32>\tskill.exe avxmonitornt
  • <SYSTEM32>\tskill.exe BACKLOG
  • <SYSTEM32>\tskill.exe bd_professional
  • <SYSTEM32>\tskill.exe bidef
  • <SYSTEM32>\tskill.exe avxw
  • <SYSTEM32>\tskill.exe avxnews
  • <SYSTEM32>\tskill.exe avxquar
  • <SYSTEM32>\tskill.exe avxsch
  • <SYSTEM32>\tskill.exe ctrl
  • <SYSTEM32>\tskill.exe defalert
  • <SYSTEM32>\tskill.exe defence
  • <SYSTEM32>\tskill.exe cpf9x206
  • <SYSTEM32>\tskill.exe connectionmonitor
  • <SYSTEM32>\tskill.exe conseal
  • <SYSTEM32>\tskill.exe cpd
  • <SYSTEM32>\tskill.exe defense
  • <SYSTEM32>\tskill.exe dpf
  • <SYSTEM32>\tskill.exe drwatson
  • <SYSTEM32>\tskill.exe drweb32
  • <SYSTEM32>\tskill.exe doors
  • <SYSTEM32>\tskill.exe defscangui
  • <SYSTEM32>\tskill.exe defwatch
  • <SYSTEM32>\tskill.exe deputy
  • <SYSTEM32>\tskill.exe cfinet
  • <SYSTEM32>\tskill.exe cfinet32
  • <SYSTEM32>\tskill.exe claw95
  • <SYSTEM32>\tskill.exe cfiaudit
  • <SYSTEM32>\tskill.exe ccSetMgr
  • <SYSTEM32>\tskill.exe cdp
  • <SYSTEM32>\tskill.exe cfiadmin
  • <SYSTEM32>\tskill.exe claw95cf
  • <SYSTEM32>\tskill.exe cmgrdian
  • <SYSTEM32>\tskill.exe cmon016
  • <SYSTEM32>\tskill.exe codered
  • <SYSTEM32>\tskill.exe cleanpc
  • <SYSTEM32>\tskill.exe clean
  • <SYSTEM32>\tskill.exe cleaner
  • <SYSTEM32>\tskill.exe cleaner3
  • <SYSTEM32>\tskill.exe avsynmgr
  • <SYSTEM32>\tskill.exe aplica32
  • <SYSTEM32>\tskill.exe apvxdwin
  • <SYSTEM32>\tskill.exe atcon
  • <SYSTEM32>\tskill.exe apimonitor
  • <SYSTEM32>\tskill.exe antivirus
  • <SYSTEM32>\tskill.exe ants
  • <SYSTEM32>\tskill.exe antssircam
  • <SYSTEM32>\tskill.exe atguard
  • <SYSTEM32>\tskill.exe autodown
  • <SYSTEM32>\tskill.exe autotrace
  • <SYSTEM32>\tskill.exe autoupdate
  • <SYSTEM32>\tskill.exe atwatch
  • <SYSTEM32>\tskill.exe ats
  • <SYSTEM32>\tskill.exe atscan
  • <SYSTEM32>\tskill.exe atupdater
  • <SYSTEM32>\tskill.exe advxdwin
  • <SYSTEM32>\tskill.exe agentsvr
  • <SYSTEM32>\tskill.exe agv
  • <SYSTEM32>\tskill.exe ackwin32
  • <SYSTEM32>\tskill.exe _avp32
  • <SYSTEM32>\tskill.exe _avpcc
  • <SYSTEM32>\tskill.exe _avpm
  • <SYSTEM32>\tskill.exe ahnsd
  • <SYSTEM32>\tskill.exe amonavp32
  • <SYSTEM32>\tskill.exe anti -trojan
  • <SYSTEM32>\tskill.exe antivir
  • <SYSTEM32>\tskill.exe amon9x
  • <SYSTEM32>\tskill.exe alertsvc
  • <SYSTEM32>\tskill.exe alogserv
  • <SYSTEM32>\tskill.exe amon
  • <SYSTEM32>\tskill.exe avpdos32
  • <SYSTEM32>\tskill.exe avpexec
  • <SYSTEM32>\tskill.exe avpinst
  • <SYSTEM32>\tskill.exe avpccavpm
  • <SYSTEM32>\tskill.exe avp32
  • <SYSTEM32>\tskill.exe avpcc
  • <SYSTEM32>\tskill.exe AVPCC Service
  • <SYSTEM32>\tskill.exe avpm
  • <SYSTEM32>\tskill.exe avpupdates
  • <SYSTEM32>\tskill.exe avrescue
  • <SYSTEM32>\tskill.exe avsched32
  • <SYSTEM32>\tskill.exe avpupd
  • <SYSTEM32>\tskill.exe avpmonitor
  • <SYSTEM32>\tskill.exe avptc
  • <SYSTEM32>\tskill.exe avptc32
  • <SYSTEM32>\tskill.exe avgserv
  • <SYSTEM32>\tskill.exe avgserv9
  • <SYSTEM32>\tskill.exe avgserv9schedapp
  • <SYSTEM32>\tskill.exe avgctrl
  • <SYSTEM32>\tskill.exe avconsol
  • <SYSTEM32>\tskill.exe ave32
  • <SYSTEM32>\tskill.exe avgcc32
  • <SYSTEM32>\tskill.exe avgw
  • <SYSTEM32>\tskill.exe avkwctl9
  • <SYSTEM32>\tskill.exe avnt
  • <SYSTEM32>\tskill.exe avp
  • <SYSTEM32>\tskill.exe avkwcl9
  • <SYSTEM32>\tskill.exe avkpop
  • <SYSTEM32>\tskill.exe avkserv
  • <SYSTEM32>\tskill.exe avkservice
  • <SYSTEM32>\tskill.exe mcafee
  • <SYSTEM32>\tskill.exe mcagent
  • <SYSTEM32>\tskill.exe mcmnhdlr
  • <SYSTEM32>\tskill.exe luspt
  • <SYSTEM32>\tskill.exe lookout
  • <SYSTEM32>\tskill.exe luall
  • <SYSTEM32>\tskill.exe lucomserver
  • <SYSTEM32>\tskill.exe mcshield
  • <SYSTEM32>\tskill.exe mcvsshld
  • <SYSTEM32>\tskill.exe mgavrtcl
  • <SYSTEM32>\tskill.exe mgavrte
  • <SYSTEM32>\tskill.exe mcvsrte
  • <SYSTEM32>\tskill.exe mcshieldvvstat
  • <SYSTEM32>\tskill.exe mctool
  • <SYSTEM32>\tskill.exe mcupdate
  • <SYSTEM32>\tskill.exe jammer
  • <SYSTEM32>\tskill.exe jedi
  • <SYSTEM32>\tskill.exe kavpf
  • <SYSTEM32>\tskill.exe isrv95
  • <SYSTEM32>\tskill.exe iomon98
  • <SYSTEM32>\tskill.exe iparmor
  • <SYSTEM32>\tskill.exe iris
  • <SYSTEM32>\tskill.exe kav
  • <SYSTEM32>\tskill.exe localnet
  • <SYSTEM32>\tskill.exe lockdown
  • <SYSTEM32>\tskill.exe lockdown2000
  • <SYSTEM32>\tskill.exe ldscan
  • <SYSTEM32>\tskill.exe kavsvc
  • <SYSTEM32>\tskill.exe ldnetmon
  • <SYSTEM32>\tskill.exe ldpromenu
  • <SYSTEM32>\tskill.exe navap
  • <SYSTEM32>\tskill.exe navapsvc
  • <SYSTEM32>\tskill.exe NAVAPW32
  • <SYSTEM32>\tskill.exe navalert
  • <SYSTEM32>\tskill.exe nav
  • <SYSTEM32>\tskill.exe NAV DefAlert
  • <SYSTEM32>\tskill.exe nav32
  • <SYSTEM32>\tskill.exe navauto -protect
  • <SYSTEM32>\tskill.exe navrunr
  • <SYSTEM32>\tskill.exe navstub
  • <SYSTEM32>\tskill.exe navw32
  • <SYSTEM32>\tskill.exe navnt
  • <SYSTEM32>\tskill.exe navdx
  • <SYSTEM32>\tskill.exe navengnavex15
  • <SYSTEM32>\tskill.exe navlu32
  • <SYSTEM32>\tskill.exe monitor
  • <SYSTEM32>\tskill.exe monsys32
  • <SYSTEM32>\tskill.exe monsysnt
  • <SYSTEM32>\tskill.exe mon
  • <SYSTEM32>\tskill.exe mghtml
  • <SYSTEM32>\tskill.exe mgui
  • <SYSTEM32>\tskill.exe minilog
  • <SYSTEM32>\tskill.exe moolive
  • <SYSTEM32>\tskill.exe mwatch
  • <SYSTEM32>\tskill.exe mxtask
  • <SYSTEM32>\tskill.exe n32scanw
  • <SYSTEM32>\tskill.exe msinfo32
  • <SYSTEM32>\tskill.exe mpfservice
  • <SYSTEM32>\tskill.exe mpftray
  • <SYSTEM32>\tskill.exe mrflux
  • <SYSTEM32>\tskill.exe inoculateit
  • <SYSTEM32>\tskill.exe fameh32
  • <SYSTEM32>\tskill.exe fast
  • <SYSTEM32>\tskill.exe fch32
  • <SYSTEM32>\tskill.exe f -stopw
  • <SYSTEM32>\tskill.exe f -prot
  • <SYSTEM32>\tskill.exe f -prot95
  • <SYSTEM32>\tskill.exe f -secure
  • <SYSTEM32>\tskill.exe fih32
  • <SYSTEM32>\tskill.exe fnrb32
  • <SYSTEM32>\tskill.exe fp -win
  • <SYSTEM32>\tskill.exe fp -win_trial
  • <SYSTEM32>\tskill.exe flowprotector
  • <SYSTEM32>\tskill.exe findviru
  • <SYSTEM32>\tskill.exe firewall
  • <SYSTEM32>\tskill.exe fix-it
  • <SYSTEM32>\tskill.exe efpeadm
  • <SYSTEM32>\tskill.exe esafe
  • <SYSTEM32>\tskill.exe escanh95
  • <SYSTEM32>\tskill.exe edisk
  • <SYSTEM32>\tskill.exe dvp95
  • <SYSTEM32>\tskill.exe dvp95_0
  • <SYSTEM32>\tskill.exe ecengine
  • <SYSTEM32>\tskill.exe escanhnt
  • <SYSTEM32>\tskill.exe exantivirus -cnet
  • <SYSTEM32>\tskill.exe expert
  • <SYSTEM32>\tskill.exe f -agnt95
  • <SYSTEM32>\tskill.exe evpn
  • <SYSTEM32>\tskill.exe escanv95
  • <SYSTEM32>\tskill.exe espwatch
  • <SYSTEM32>\tskill.exe etrustcipe
  • <SYSTEM32>\tskill.exe iamserv
  • <SYSTEM32>\tskill.exe iamstats
  • <SYSTEM32>\tskill.exe ibmasn
  • <SYSTEM32>\tskill.exe iamapp
  • <SYSTEM32>\tskill.exe guarddog
  • <SYSTEM32>\tskill.exe HackerEliminator
  • <SYSTEM32>\tskill.exe hh
  • <SYSTEM32>\tskill.exe ibmavsp
  • <SYSTEM32>\tskill.exe icsuppnt
  • <SYSTEM32>\tskill.exe iface
  • <SYSTEM32>\tskill.exe ifw2000
  • <SYSTEM32>\tskill.exe icsupp95
  • <SYSTEM32>\tskill.exe icload95
  • <SYSTEM32>\tskill.exe icloadnt
  • <SYSTEM32>\tskill.exe icmon
  • <SYSTEM32>\tskill.exe fsav95
  • <SYSTEM32>\tskill.exe fsave32
  • <SYSTEM32>\tskill.exe fsgk32
  • <SYSTEM32>\tskill.exe fsav32
  • <SYSTEM32>\tskill.exe fprot
  • <SYSTEM32>\tskill.exe frw
  • <SYSTEM32>\tskill.exe fsaa
  • <SYSTEM32>\tskill.exe fsm32
  • <SYSTEM32>\tskill.exe generics
  • <SYSTEM32>\tskill.exe grief3878
  • <SYSTEM32>\tskill.exe guard
  • <SYSTEM32>\tskill.exe gedit
  • <SYSTEM32>\tskill.exe fsmb32
  • <SYSTEM32>\tskill.exe gbmenu
  • <SYSTEM32>\tskill.exe gbpoll
Injects code into
the following system processes:
  • <SYSTEM32>\tskill.exe
the following user processes:
  • nod32.exe
  • outpost.exe
  • AVGCC32.EXE
  • AVP32.EXE
  • AVPM.EXE
Terminates or attempts to terminate
the following user processes:
  • NAVAPW32.EXE
  • nod32.exe
  • mpftray.exe
  • GUARD.EXE
  • MCAGENT.EXE
  • ZONEALARM.EXE
  • ashAvast.exe
  • zapro.exe
  • outpost.exe
  • smc.exe
  • AVP.EXE
  • AVP32.EXE
  • AVP.COM
  • AVGCC32.EXE
  • AVGCTRL.EXE
  • ccapp.exe
  • fsav32.exe
  • AVSYNMGR.EXE
  • AVPCC.EXE
  • AVPM.EXE
Modifies file system :
Creates the following files:
  • %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\cmyip[1]
  • %WINDIR%\explorеr.exe
Deletes the following files:
  • %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\cmyip[1]
Network activity:
Connects to:
  • '94.##0.191.201':25
  • 'www.cm##p.com':80
TCP:
HTTP GET requests:
  • www.cm##p.com/
UDP:
  • DNS ASK sm##.mail.ru
  • DNS ASK www.cm##p.com
Miscellaneous:
Searches for the following windows:
  • ClassName: 'Indicator' WindowName: ''

Curing recommendations

  1. If the operating system (OS) can be loaded (either normally or in safe mode), download Dr.Web Security Space and run a full scan of your computer and removable media you use. More about Dr.Web Security Space.
  2. If you cannot boot the OS, change the BIOS settings to boot your system from a CD or USB drive. Download the image of the emergency system repair disk Dr.Web® LiveDisk , mount it on a USB drive or burn it to a CD/DVD. After booting up with this media, run a full scan and cure all the detected threats.
Free trial

 

Download Dr.Web

Download by serial number

Use Dr.Web Anti-virus for macOS to run a full scan of your Mac.

Free trial

 

Download Dr.Web

Download by serial number

Download on App Store

After booting up, run a full scan of all disk partitions with Dr.Web Anti-virus for Linux.

Free trial

 

Download Dr.Web

Download by serial number

  1. If the mobile device is operating normally, download and install Dr.Web for Android. Run a full system scan and follow recommendations to neutralize the detected threats.
  2. If the mobile device has been locked by Android.Locker ransomware (the message on the screen tells you that you have broken some law or demands a set ransom amount; or you will see some other announcement that prevents you from using the handheld normally), do the following:
    • Load your smartphone or tablet in the safe mode (depending on the operating system version and specifications of the particular mobile device involved, this procedure can be performed in various ways; seek clarification from the user guide that was shipped with the device, or contact its manufacturer);
    • Once you have activated safe mode, install the Dr.Web for Android onto the infected handheld and run a full scan of the system; follow the steps recommended for neutralizing the threats that have been detected;
    • Switch off your device and turn it on as normal.

Find out more about Dr.Web for Android

Free trial

14 days

Download now
Get it on Google Play