ПОЛЬЗОВАТЕЛЯМ

Закрыть

Поиск

Поиск

Поддержка
Круглосуточная поддержка

Напишите

Запрос через форму

Позвоните

Бесплатно по России:
8-800-333-79-32

ЧаВо | Форум

Напишите

Задать вопрос в поддержку

Ваши запросы

  • Все: -
  • Незакрытые: -
  • Последний: -

Позвоните

Бесплатно по России:
8-800-333-79-32

Свяжитесь с нами Незакрытые запросы: 

Профиль

Профиль

BY

RU CN DE EN ES FR IT JP KZ UZ PL BY
Закрыть
Сервисы
Сканеры
Dr.Web vxCube
Демо
Экспертиза ВКИ
Вирусная библиотека
База знаний

Технологии

Термины

Обучение и просвещение

Мифы

Новости

Trojan.MulDrop18.11917

Добавлен в вирусную базу Dr.Web: 2021-08-04

Описание добавлено:

Technical Information

Modifies file system
Creates the following files
  • %TEMP%\extd25c.tmp
  • C:\thermal receipt printer 4.x\win64\x64\lkne1064.rra
  • C:\thermal receipt printer 4.x\win64\server2012\lkne1083.rra
  • C:\thermal receipt printer 4.x\win64\server2012\stdn1093.rra
  • C:\thermal receipt printer 4.x\win64\x64\lk-t10a3.rra
  • C:\thermal receipt printer 4.x\win64\x64\lkne10b2.rra
  • C:\thermal receipt printer 4.x\win64\x64\lkne10d1.rra
  • C:\thermal receipt printer 4.x\win64\server2012\lkne1045.rra
  • C:\thermal receipt printer 4.x\win64\x64\stdn10f1.rra
  • C:\thermal receipt printer 4.x\win64\server2012\lkne1055.rra
  • C:\thermal receipt printer 4.x\win64\xp\korean\unid111f.rra
  • C:\thermal receipt printer 4.x\win64\xp\korean\unir114e.rra
  • C:\thermal receipt printer 4.x\win64\xp\unir118d.rra
  • C:\thermal receipt printer 4.x\win64\itanium\win8\lkne11bb.rra
  • C:\thermal receipt printer 4.x\win8\korean\unid1238.rra
  • C:\thermal receipt printer 4.x\win8\korean\unir1267.rra
  • C:\thermal receipt printer 4.x\winxp\language\lkne1286.rra
  • C:\thermal receipt printer 4.x\win64\xp\unid10f1.rra
  • C:\thermal receipt printer 4.x\win8\language\lkne12c5.rra
  • C:\thermal receipt printer 4.x\win64\xp\unid113f.rra
  • C:\thermal receipt printer 4.x\win64\x64\lkne1045.rra
  • C:\thermal receipt printer 4.x\win64\server2012\lkne1026.rra
  • C:\thermal receipt printer 4.x\win64\x64\lknefe7.rra
  • C:\thermal receipt printer 4.x\winxp\unire42.rra
  • C:\thermal receipt printer 4.x\win64\2003\unide61.rra
  • C:\thermal receipt printer 4.x\win64\2003\unide90.rra
  • C:\thermal receipt printer 4.x\win64\2003\korean\unidea0.rra
  • C:\thermal receipt printer 4.x\win64\2003\unideaf.rra
  • C:\thermal receipt printer 4.x\win64\2003\korean\unirebf.rra
  • C:\thermal receipt printer 4.x\win64\2003\unireee.rra
  • C:\thermal receipt printer 4.x\winxp\unide23.rra
  • C:\thermal receipt printer 4.x\win64\itanium\lk-tefd.rra
  • C:\thermal receipt printer 4.x\win64\itanium\lknef3c.rra
  • C:\thermal receipt printer 4.x\win64\itanium\lknef5b.rra
  • C:\thermal receipt printer 4.x\win64\itanium\lknef6b.rra
  • C:\thermal receipt printer 4.x\win64\itanium\win8\lknef6b.rra
  • C:\thermal receipt printer 4.x\win64\itanium\lknef7a.rra
  • C:\thermal receipt printer 4.x\win64\itanium\win8\lknef8a.rra
  • C:\thermal receipt printer 4.x\win64\itanium\lknefb9.rra
  • C:\thermal receipt printer 4.x\win64\itanium\stdnfd8.rra
  • C:\thermal receipt printer 4.x\win64\itanium\win8\lknef0d.rra
  • C:\thermal receipt printer 4.x\win64\server2012\lk-tfe7.rra
  • C:\thermal receipt printer 4.x\winxp\stdne13.rra
  • C:\thermal receipt printer 4.x\winxp\unide33.rra
  • C:\thermal receipt printer 4.x\winxp\language\lkne12d4.rra
  • C:\thermal receipt printer 4.x\win8\language\lkne1322.rra
  • C:\thermal receipt printer 4.x\win8\language\lkne141c.rra
  • C:\thermal receipt printer 4.x\winxp\language\lkne142b.rra
  • C:\thermal receipt printer 4.x\win8\language\lkne142b.rra
  • C:\thermal receipt printer 4.x\winxp\language\lkne143b.rra
  • C:\thermal receipt printer 4.x\win8\language\lkne143b.rra
  • C:\thermal receipt printer 4.x\winxp\language\lkne143c.rra
  • C:\thermal receipt printer 4.x\win8\language\lkne144b.rra
  • C:\thermal receipt printer 4.x\win8\language\lkne140c.rra
  • C:\thermal receipt printer 4.x\winxp\language\lkne141c.rra
  • C:\thermal receipt printer 4.x\winxp\language\lkne144b.rra
  • C:\thermal receipt printer 4.x\winxp\language\lkne146a.rra
  • C:\thermal receipt printer 4.x\win8\language\lkne146a.rra
  • C:\thermal receipt printer 4.x\winxp\language\lkne1479.rra
  • C:\thermal receipt printer 4.x\win8\language\lkne1479.rra
  • C:\thermal receipt printer 4.x\winxp\korean\unid1489.rra
  • C:\thermal receipt printer 4.x\winxp\korean\unir1499.rra
  • %ALLUSERSPROFILE%\microsoft\windows\start menu\programs\thermal receipt printer 4.xx\winlogomaker.lnk
  • C:\thermal receipt printer 4.x\win8\language\lkne145a.rra
  • C:\thermal receipt printer 4.x\winxp\language\lkne145a.rra
  • C:\thermal receipt printer 4.x\winxp\language\lkne140c.rra
  • C:\thermal receipt printer 4.x\win8\language\lkne13fd.rra
  • C:\thermal receipt printer 4.x\win64\itanium\win8\lknecad.rra
  • C:\thermal receipt printer 4.x\winxp\language\lkne1323.rra
  • C:\thermal receipt printer 4.x\win8\language\lkne1370.rra
  • C:\thermal receipt printer 4.x\winxp\language\lkne1370.rra
  • C:\thermal receipt printer 4.x\win8\language\lkne1380.rra
  • C:\thermal receipt printer 4.x\winxp\language\lkne1380.rra
  • C:\thermal receipt printer 4.x\win8\language\lkne139f.rra
  • C:\thermal receipt printer 4.x\winxp\language\lkne139f.rra
  • C:\thermal receipt printer 4.x\win8\language\lkne13af.rra
  • C:\thermal receipt printer 4.x\winxp\language\lkne13af.rra
  • C:\thermal receipt printer 4.x\win8\language\lkne13be.rra
  • C:\thermal receipt printer 4.x\winxp\language\lkne13be.rra
  • C:\thermal receipt printer 4.x\win8\language\lkne13ce.rra
  • C:\thermal receipt printer 4.x\winxp\language\lkne13ce.rra
  • C:\thermal receipt printer 4.x\win8\language\lkne13dd.rra
  • C:\thermal receipt printer 4.x\winxp\language\lkne13dd.rra
  • C:\thermal receipt printer 4.x\win8\language\lkne13ed.rra
  • C:\thermal receipt printer 4.x\winxp\language\lkne13ed.rra
  • C:\thermal receipt printer 4.x\win8\language\lkne12d4.rra
  • C:\thermal receipt printer 4.x\winxp\language\lkne1322.rra
  • C:\thermal receipt printer 4.x\win8\language\lkne1313.rra
  • C:\thermal receipt printer 4.x\winxp\lknee04.rra
  • C:\thermal receipt printer 4.x\winxp\lk-tdf4.rra
  • C:\thermal receipt printer 4.x\winnt\therdf4.rra
  • %CommonProgramFiles(x86)%\installshield\professional\runtime\0700\intel32\isce598.tmp
  • %CommonProgramFiles(x86)%\installshield\professional\runtime\0700\intel32\iuse5e7.tmp
  • %CommonProgramFiles(x86)%\installshield\professional\runtime\ispe627.tmp
  • %CommonProgramFiles(x86)%\installshield\professional\runtime\isprobe.tlb
  • %CommonProgramFiles(x86)%\installshield\professional\runtime\ikernel.rgs
  • %CommonProgramFiles(x86)%\installshield\professional\runtime\obje695.tmp
  • %CommonProgramFiles(x86)%\installshield\professional\runtime\0700\intel32\ikee46d.tmp
  • %TEMP%\eaea.rra
  • %CommonProgramFiles(x86)%\installshield\professional\runtime\0700\intel32\ctoe52a.tmp
  • %TEMP%\{1a006f74-584f-43a3-afec-d41b6b6b4177}\coreec80.rra
  • %TEMP%\{1a006f74-584f-43a3-afec-d41b6b6b4177}\{4e7b5d5a-3e4a-4d26-9f8b-e820dc3ea5ef}\isrtecaf.rra
  • %TEMP%\{1a006f74-584f-43a3-afec-d41b6b6b4177}\{4e7b5d5a-3e4a-4d26-9f8b-e820dc3ea5ef}\defaecce.rra
  • %TEMP%\{1a006f74-584f-43a3-afec-d41b6b6b4177}\{4e7b5d5a-3e4a-4d26-9f8b-e820dc3ea5ef}\_isrecdd.rra
  • %ProgramFiles(x86)%\installshield installation information\{4e7b5d5a-3e4a-4d26-9f8b-e820dc3ea5ef}\layof45c.rra
  • %ProgramFiles(x86)%\installshield installation information\{4e7b5d5a-3e4a-4d26-9f8b-e820dc3ea5ef}\dataf45c.rra
  • %ProgramFiles(x86)%\installshield installation information\{4e7b5d5a-3e4a-4d26-9f8b-e820dc3ea5ef}\dataf46c.rra
  • %TEMP%\{1a006f74-584f-43a3-afec-d41b6b6b4177}\{4e7b5d5a-3e4a-4d26-9f8b-e820dc3ea5ef}\setuec51.rra
  • %TEMP%\ispe3bd.tmp\temp.000
  • %TEMP%\{1a006f74-584f-43a3-afec-d41b6b6b4177}\{4e7b5d5a-3e4a-4d26-9f8b-e820dc3ea5ef}\striec9f.rra
  • %TEMP%\_see3ff.tmp
  • %CommonProgramFiles(x86)%\installshield\professional\runtime\0700\intel32\ispe3be.tmp\temp.000
  • %TEMP%\plfd25b.tmp
  • %TEMP%\pftd347.tmp\disk1\data1.cab
  • %TEMP%\pftd347.tmp\disk1\data1.hdr
  • %TEMP%\pftd347.tmp\disk1\data2.cab
  • %TEMP%\pftd347.tmp\disk1\engine32.cab
  • %TEMP%\pftd347.tmp\disk1\layout.bin
  • %TEMP%\pftd347.tmp\disk1\setup.boot
  • %TEMP%\pftd347.tmp\disk1\setup.exe
  • %TEMP%\pftd347.tmp\disk1\setup.ini
  • %TEMP%\pftd347.tmp\pftw1.pkg
  • %TEMP%\pftd347.tmp\disk1\setup.inx
  • %TEMP%\ispde9b.tmp\temp.000
  • %APPDATA%\microsoft\crypto\rsa\s-1-5-21-1960123792-2022915161-3775307078-1001\b46c6885f0642d73420a8719b5e9f67a_36d1130a-ac2e-44f7-9dc1-e424fbcbe0ee
  • %TEMP%\sete35f.tmp
  • %CommonProgramFiles(x86)%\installshield\professional\runtime\0700\intel32\ispe34e.tmp\temp.000
  • %TEMP%\_isdelet.ini
  • %APPDATA%\microsoft\crypto\rsa\s-1-5-21-1960123792-2022915161-3775307078-1001\6e65717d88bc138b5572e07312f4e258_36d1130a-ac2e-44f7-9dc1-e424fbcbe0ee
  • %TEMP%\igde3cf.tmp
  • %ProgramFiles(x86)%\installshield installation information\{4e7b5d5a-3e4a-4d26-9f8b-e820dc3ea5ef}\setuf47b.rra
  • %TEMP%\setdeac.tmp
  • %ProgramFiles(x86)%\installshield installation information\{4e7b5d5a-3e4a-4d26-9f8b-e820dc3ea5ef}\setuf48b.rra
  • %CommonProgramFiles(x86)%\installshield\professional\runtime\0700\intel32\dote4bc.tmp
  • %ProgramFiles(x86)%\installshield installation information\{4e7b5d5a-3e4a-4d26-9f8b-e820dc3ea5ef}\setup.boot
  • C:\thermal receipt printer 4.x\win8\lknecbc.rra
  • C:\thermal receipt printer 4.x\win8\lkneccc.rra
  • C:\thermal receipt printer 4.x\winxp\lknecdb.rra
  • C:\thermal receipt printer 4.x\win8\lknecfb.rra
  • C:\thermal receipt printer 4.x\win64\itanium\win8\stdnd0a.rra
  • C:\thermal receipt printer 4.x\win8\stdnd0a.rra
  • C:\thermal receipt printer 4.x\win8\unidd1a.rra
  • C:\thermal receipt printer 4.x\win64\xp\unidd29.rra
  • C:\thermal receipt printer 4.x\win8\unidd29.rra
  • C:\thermal receipt printer 4.x\win8\unidd39.rra
  • C:\thermal receipt printer 4.x\win8\unird58.rra
  • C:\thermal receipt printer 4.x\winnt\genpd97.rra
  • C:\thermal receipt printer 4.x\winnt\minid97.rra
  • C:\thermal receipt printer 4.x\winnt\rasdda6.rra
  • C:\thermal receipt printer 4.x\winnt\rasddb6.rra
  • C:\thermal receipt printer 4.x\winnt\rasddd5.rra
  • C:\thermal receipt printer 4.x\winnt\setudd5.rra
  • C:\thermal receipt printer 4.x\winnt\therde5.rra
  • C:\thermal receipt printer 4.x\winxp\lknecbc.rra
  • %WINDIR%\syswow64\vb6kf4d9.rra
  • C:\thermal receipt printer 4.x\winxp\lkneccc.rra
  • C:\thermal receipt printer 4.x\winxp\language\lkne13fd.rra
  • %ALLUSERSPROFILE%\microsoft\windows\start menu\programs\thermal receipt printer 4.xx\pos printer driver uninstallation.lnk
  • C:\thermal receipt printer 4.x\win8\lknec9d.rra
  • %WINDIR%\syswow64\implf5f2.rra
  • %WINDIR%\syswow64\msvcfe6a.rra
  • %WINDIR%\syswow64\tabcffa2.rra
  • %WINDIR%\syswow64\comd1f.rra
  • %WINDIR%\syswow64\msco8c.rra
  • %WINDIR%\syswow64\msco241.rra
  • %WINDIR%\syswow64\msco608.rra
  • C:\thermal receipt printer 4.x\winlb46.rra
  • %WINDIR%\syswow64\crpef4e9.rra
  • C:\thermal receipt printer 4.x\winlb55.rra
  • C:\thermal receipt printer 4.x\drivbe2.rra
  • C:\thermal receipt printer 4.x\voucc01.rra
  • C:\thermal receipt printer 4.x\winlc20.rra
  • C:\thermal receipt printer 4.x\win64\itanium\win8\lk-tc30.rra
  • C:\thermal receipt printer 4.x\win8\lk-tc30.rra
  • C:\thermal receipt printer 4.x\winxp\lknec3f.rra
  • C:\thermal receipt printer 4.x\win8\lknec6e.rra
  • C:\thermal receipt printer 4.x\winxp\language\lknec9d.rra
  • C:\thermal receipt printer 4.x\drivbc3.rra
  • C:\thermal receipt printer 4.x\win8\lknecad.rra
  • %ProgramFiles(x86)%\installshield installation information\{4e7b5d5a-3e4a-4d26-9f8b-e820dc3ea5ef}\_setup.dll
Deletes the following files
  • %TEMP%\extd25c.tmp
  • %TEMP%\pftd347.tmp\disk1\setup.exe
  • %TEMP%\pftd347.tmp\disk1\setup.boot
  • %TEMP%\pftd347.tmp\disk1\layout.bin
  • %TEMP%\pftd347.tmp\disk1\engine32.cab
  • %TEMP%\pftd347.tmp\disk1\data2.cab
  • %TEMP%\pftd347.tmp\disk1\data1.hdr
  • %TEMP%\pftd347.tmp\disk1\data1.cab
  • %TEMP%\plfd25b.tmp
  • %TEMP%\_isdelet.ini
  • %TEMP%\ispe3bd.tmp\_setup.dll
  • %TEMP%\ispde9b.tmp\setup.dll
  • %TEMP%\eaea.rra
  • %APPDATA%\microsoft\crypto\rsa\s-1-5-21-1960123792-2022915161-3775307078-1001\6e65717d88bc138b5572e07312f4e258_36d1130a-ac2e-44f7-9dc1-e424fbcbe0ee
  • %TEMP%\{1a006f74-584f-43a3-afec-d41b6b6b4177}\{4e7b5d5a-3e4a-4d26-9f8b-e820dc3ea5ef}\setup.inx
  • %TEMP%\{1a006f74-584f-43a3-afec-d41b6b6b4177}\corecomp.ini
  • %TEMP%\{1a006f74-584f-43a3-afec-d41b6b6b4177}\{4e7b5d5a-3e4a-4d26-9f8b-e820dc3ea5ef}\stringtable-0009-english.ips
  • %TEMP%\{1a006f74-584f-43a3-afec-d41b6b6b4177}\{4e7b5d5a-3e4a-4d26-9f8b-e820dc3ea5ef}\isrt.dll
  • %TEMP%\{1a006f74-584f-43a3-afec-d41b6b6b4177}\{4e7b5d5a-3e4a-4d26-9f8b-e820dc3ea5ef}\default.pal
  • %TEMP%\{1a006f74-584f-43a3-afec-d41b6b6b4177}\{4e7b5d5a-3e4a-4d26-9f8b-e820dc3ea5ef}\_isres.dll
  • C:\thermal receipt printer 4.x\winlogo.ocx
  • %CommonProgramFiles(x86)%\installshield\professional\runtime\ispe627.tmp
  • %TEMP%\_see3ff.tmp
  • %TEMP%\igde3cf.tmp
  • %APPDATA%\microsoft\crypto\rsa\s-1-5-21-1960123792-2022915161-3775307078-1001\b46c6885f0642d73420a8719b5e9f67a_36d1130a-ac2e-44f7-9dc1-e424fbcbe0ee
  • %TEMP%\sete35f.tmp
  • %TEMP%\setdeac.tmp
  • %TEMP%\pftd347.tmp\pftw1.pkg
  • %TEMP%\pftd347.tmp\disk1\setup.ini
  • %TEMP%\pftd347.tmp\disk1\setup.inx
Moves the following files
  • from %TEMP%\ispde9b.tmp\temp.000 to %TEMP%\ispde9b.tmp\setup.dll
  • from C:\thermal receipt printer 4.x\win64\itanium\win8\lkne11bb.rra to C:\thermal receipt printer 4.x\win64\itanium\win8\lknew4.gpd
  • from C:\thermal receipt printer 4.x\win64\itanium\win8\lknecad.rra to C:\thermal receipt printer 4.x\win64\itanium\win8\lknew4.ini
  • from C:\thermal receipt printer 4.x\win64\itanium\win8\lknef6b.rra to C:\thermal receipt printer 4.x\win64\itanium\win8\lknew4e.dll
  • from C:\thermal receipt printer 4.x\win64\itanium\win8\lknef8a.rra to C:\thermal receipt printer 4.x\win64\itanium\win8\lknew4ui.dll
  • from C:\thermal receipt printer 4.x\win64\itanium\win8\stdnd0a.rra to C:\thermal receipt printer 4.x\win64\itanium\win8\stdnames.gpd
  • from C:\thermal receipt printer 4.x\win64\xp\korean\unid111f.rra to C:\thermal receipt printer 4.x\win64\xp\korean\unidrvui.dll
  • from C:\thermal receipt printer 4.x\win64\x64\lkne10b2.rra to C:\thermal receipt printer 4.x\win64\x64\lknew4.gpd
  • from C:\thermal receipt printer 4.x\win64\xp\korean\unir114e.rra to C:\thermal receipt printer 4.x\win64\xp\korean\unires.dll
  • from C:\thermal receipt printer 4.x\win8\korean\unir1267.rra to C:\thermal receipt printer 4.x\win8\korean\unires.dll
  • from C:\thermal receipt printer 4.x\win8\language\lkne12c5.rra to C:\thermal receipt printer 4.x\win8\language\lknew4_1250.gpd
  • from C:\thermal receipt printer 4.x\win8\language\lkne12d4.rra to C:\thermal receipt printer 4.x\win8\language\lknew4_1251.gpd
  • from C:\thermal receipt printer 4.x\win8\language\lkne1313.rra to C:\thermal receipt printer 4.x\win8\language\lknew4_1252.gpd
  • from C:\thermal receipt printer 4.x\win8\language\lkne1322.rra to C:\thermal receipt printer 4.x\win8\language\lknew4_1253.gpd
  • from C:\thermal receipt printer 4.x\win8\language\lkne1370.rra to C:\thermal receipt printer 4.x\win8\language\lknew4_1254.gpd
  • from C:\thermal receipt printer 4.x\win64\itanium\win8\lk-tc30.rra to C:\thermal receipt printer 4.x\win64\itanium\win8\lk-txxx.inf
  • from C:\thermal receipt printer 4.x\win64\itanium\win8\lknef0d.rra to C:\thermal receipt printer 4.x\win64\itanium\win8\lknew4.dll
  • from C:\thermal receipt printer 4.x\win64\2003\korean\unirebf.rra to C:\thermal receipt printer 4.x\win64\2003\korean\unires.dll
  • from C:\thermal receipt printer 4.x\win64\2003\korean\unidea0.rra to C:\thermal receipt printer 4.x\win64\2003\korean\unidrvui.dll
  • from C:\thermal receipt printer 4.x\win64\xp\unir118d.rra to C:\thermal receipt printer 4.x\win64\xp\unires.dll
  • from C:\thermal receipt printer 4.x\win64\server2012\lkne1026.rra to C:\thermal receipt printer 4.x\win64\server2012\lknew4.dll
  • from C:\thermal receipt printer 4.x\win64\server2012\lkne1045.rra to C:\thermal receipt printer 4.x\win64\server2012\lknew4.gpd
  • from C:\thermal receipt printer 4.x\win64\server2012\lkne1055.rra to C:\thermal receipt printer 4.x\win64\server2012\lknew4e.dll
  • from C:\thermal receipt printer 4.x\win64\server2012\lkne1083.rra to C:\thermal receipt printer 4.x\win64\server2012\lknew4ui.dll
  • from C:\thermal receipt printer 4.x\win64\server2012\stdn1093.rra to C:\thermal receipt printer 4.x\win64\server2012\stdnames.gpd
  • from C:\thermal receipt printer 4.x\win64\x64\lk-t10a3.rra to C:\thermal receipt printer 4.x\win64\x64\lk-txxx.inf
  • from C:\thermal receipt printer 4.x\win8\language\lkne1380.rra to C:\thermal receipt printer 4.x\win8\language\lknew4_1255.gpd
  • from C:\thermal receipt printer 4.x\win8\korean\unid1238.rra to C:\thermal receipt printer 4.x\win8\korean\unidrvui.dll
  • from C:\thermal receipt printer 4.x\win64\x64\lknefe7.rra to C:\thermal receipt printer 4.x\win64\x64\lknew4.dll
  • from C:\thermal receipt printer 4.x\win64\x64\lkne1045.rra to C:\thermal receipt printer 4.x\win64\x64\lknew4e.dll
  • from C:\thermal receipt printer 4.x\win64\x64\lkne1064.rra to C:\thermal receipt printer 4.x\win64\x64\lknew4ui.dll
  • from C:\thermal receipt printer 4.x\win64\x64\stdn10f1.rra to C:\thermal receipt printer 4.x\win64\x64\stdnames.gpd
  • from C:\thermal receipt printer 4.x\win64\xp\unid10f1.rra to C:\thermal receipt printer 4.x\win64\xp\unidrv.dll
  • from C:\thermal receipt printer 4.x\win64\xp\unidd29.rra to C:\thermal receipt printer 4.x\win64\xp\unidrv.hlp
  • from C:\thermal receipt printer 4.x\win64\xp\unid113f.rra to C:\thermal receipt printer 4.x\win64\xp\unidrvui.dll
  • from C:\thermal receipt printer 4.x\win64\server2012\lk-tfe7.rra to C:\thermal receipt printer 4.x\win64\server2012\lk-txxx.inf
  • from C:\thermal receipt printer 4.x\win64\x64\lkne10d1.rra to C:\thermal receipt printer 4.x\win64\x64\lknew4.ini
  • from C:\thermal receipt printer 4.x\win8\language\lkne144b.rra to C:\thermal receipt printer 4.x\win8\language\lknew4_874.gpd
  • from C:\thermal receipt printer 4.x\winxp\language\lkne146a.rra to C:\thermal receipt printer 4.x\winxp\language\lknew4_949.gpd
  • from C:\thermal receipt printer 4.x\win8\language\lkne13be.rra to C:\thermal receipt printer 4.x\win8\language\lknew4_1258.gpd
  • from C:\thermal receipt printer 4.x\winxp\language\lkne139f.rra to C:\thermal receipt printer 4.x\winxp\language\lknew4_1257.gpd
  • from C:\thermal receipt printer 4.x\winxp\language\lkne13af.rra to C:\thermal receipt printer 4.x\winxp\language\lknew4_1258.gpd
  • from C:\thermal receipt printer 4.x\winxp\language\lkne13be.rra to C:\thermal receipt printer 4.x\winxp\language\lknew4_437.gpd
  • from C:\thermal receipt printer 4.x\winxp\language\lkne13ce.rra to C:\thermal receipt printer 4.x\winxp\language\lknew4_737.gpd
  • from C:\thermal receipt printer 4.x\winxp\language\lkne13dd.rra to C:\thermal receipt printer 4.x\winxp\language\lknew4_850.gpd
  • from C:\thermal receipt printer 4.x\winxp\language\lkne13ed.rra to C:\thermal receipt printer 4.x\winxp\language\lknew4_852.gpd
  • from C:\thermal receipt printer 4.x\win8\language\lkne139f.rra to C:\thermal receipt printer 4.x\win8\language\lknew4_1256.gpd
  • from C:\thermal receipt printer 4.x\winxp\language\lkne13fd.rra to C:\thermal receipt printer 4.x\winxp\language\lknew4_857.gpd
  • from C:\thermal receipt printer 4.x\winxp\language\lkne141c.rra to C:\thermal receipt printer 4.x\winxp\language\lknew4_863.gpd
  • from C:\thermal receipt printer 4.x\winxp\language\lkne142b.rra to C:\thermal receipt printer 4.x\winxp\language\lknew4_864.gpd
  • from C:\thermal receipt printer 4.x\winxp\language\lkne143b.rra to C:\thermal receipt printer 4.x\winxp\language\lknew4_866.gpd
  • from C:\thermal receipt printer 4.x\winxp\language\lkne143c.rra to C:\thermal receipt printer 4.x\winxp\language\lknew4_874.gpd
  • from C:\thermal receipt printer 4.x\winxp\language\lkne144b.rra to C:\thermal receipt printer 4.x\winxp\language\lknew4_932.gpd
  • from C:\thermal receipt printer 4.x\winxp\language\lkne145a.rra to C:\thermal receipt printer 4.x\winxp\language\lknew4_936.gpd
  • from C:\thermal receipt printer 4.x\winxp\language\lkne1370.rra to C:\thermal receipt printer 4.x\winxp\language\lknew4_1255.gpd
  • from C:\thermal receipt printer 4.x\winxp\language\lkne1380.rra to C:\thermal receipt printer 4.x\winxp\language\lknew4_1256.gpd
  • from C:\thermal receipt printer 4.x\winxp\language\lkne1323.rra to C:\thermal receipt printer 4.x\winxp\language\lknew4_1254.gpd
  • from C:\thermal receipt printer 4.x\winxp\language\lkne1322.rra to C:\thermal receipt printer 4.x\winxp\language\lknew4_1253.gpd
  • from C:\thermal receipt printer 4.x\winxp\language\lknec9d.rra to C:\thermal receipt printer 4.x\winxp\language\lknew4_1252.gpd
  • from C:\thermal receipt printer 4.x\win8\language\lkne13dd.rra to C:\thermal receipt printer 4.x\win8\language\lknew4_737.gpd
  • from C:\thermal receipt printer 4.x\win8\language\lkne13ed.rra to C:\thermal receipt printer 4.x\win8\language\lknew4_850.gpd
  • from C:\thermal receipt printer 4.x\win8\language\lkne13fd.rra to C:\thermal receipt printer 4.x\win8\language\lknew4_852.gpd
  • from C:\thermal receipt printer 4.x\win8\language\lkne140c.rra to C:\thermal receipt printer 4.x\win8\language\lknew4_858.gpd
  • from C:\thermal receipt printer 4.x\win8\language\lkne141c.rra to C:\thermal receipt printer 4.x\win8\language\lknew4_863.gpd
  • from C:\thermal receipt printer 4.x\win8\language\lkne142b.rra to C:\thermal receipt printer 4.x\win8\language\lknew4_864.gpd
  • from C:\thermal receipt printer 4.x\win8\language\lkne13af.rra to C:\thermal receipt printer 4.x\win8\language\lknew4_1257.gpd
  • from C:\thermal receipt printer 4.x\win64\itanium\stdnfd8.rra to C:\thermal receipt printer 4.x\win64\itanium\stdnames.gpd
  • from C:\thermal receipt printer 4.x\win8\language\lkne143b.rra to C:\thermal receipt printer 4.x\win8\language\lknew4_866.gpd
  • from C:\thermal receipt printer 4.x\win8\language\lkne146a.rra to C:\thermal receipt printer 4.x\win8\language\lknew4_949.gpd
  • from C:\thermal receipt printer 4.x\win8\language\lkne1479.rra to C:\thermal receipt printer 4.x\win8\language\lknew4_950.gpd
  • from C:\thermal receipt printer 4.x\winxp\korean\unid1489.rra to C:\thermal receipt printer 4.x\winxp\korean\unidrvui.dll
  • from C:\thermal receipt printer 4.x\winxp\korean\unir1499.rra to C:\thermal receipt printer 4.x\winxp\korean\unires.dll
  • from C:\thermal receipt printer 4.x\winxp\language\lkne1286.rra to C:\thermal receipt printer 4.x\winxp\language\lknew4_1250.gpd
  • from C:\thermal receipt printer 4.x\winxp\language\lkne12d4.rra to C:\thermal receipt printer 4.x\winxp\language\lknew4_1251.gpd
  • from C:\thermal receipt printer 4.x\win8\language\lkne13ce.rra to C:\thermal receipt printer 4.x\win8\language\lknew4_437.gpd
  • from C:\thermal receipt printer 4.x\win8\language\lkne145a.rra to C:\thermal receipt printer 4.x\win8\language\lknew4_932.gpd
  • from C:\thermal receipt printer 4.x\winxp\language\lkne140c.rra to C:\thermal receipt printer 4.x\winxp\language\lknew4_858.gpd
  • from C:\thermal receipt printer 4.x\win64\itanium\lknefb9.rra to C:\thermal receipt printer 4.x\win64\itanium\lknew4ui.dll
  • from C:\thermal receipt printer 4.x\win64\2003\unide61.rra to C:\thermal receipt printer 4.x\win64\2003\unidrv.dll
  • from %ProgramFiles(x86)%\installshield installation information\{4e7b5d5a-3e4a-4d26-9f8b-e820dc3ea5ef}\setuf47b.rra to %ProgramFiles(x86)%\installshield installation information\{4e7b5d5a-3e4a-4d26-9f8b-e820dc3ea5ef}\setup.ini
  • from %ProgramFiles(x86)%\installshield installation information\{4e7b5d5a-3e4a-4d26-9f8b-e820dc3ea5ef}\setuf48b.rra to %ProgramFiles(x86)%\installshield installation information\{4e7b5d5a-3e4a-4d26-9f8b-e820dc3ea5ef}\setup.inx
  • from %WINDIR%\syswow64\vb6kf4d9.rra to %WINDIR%\syswow64\vb6ko.dll
  • from %WINDIR%\syswow64\crpef4e9.rra to %WINDIR%\syswow64\crpe32.dll
  • from %WINDIR%\syswow64\implf5f2.rra to %WINDIR%\syswow64\implode.dll
  • from %WINDIR%\syswow64\msvcfe6a.rra to %WINDIR%\syswow64\msvcp50.dll
  • from %CommonProgramFiles(x86)%\installshield\professional\runtime\0700\intel32\isce598.tmp to %CommonProgramFiles(x86)%\installshield\professional\runtime\0700\intel32\iscript.dll
  • from %WINDIR%\syswow64\tabcffa2.rra to %WINDIR%\syswow64\tabctl32.ocx
  • from %WINDIR%\syswow64\msco8c.rra to %WINDIR%\syswow64\mscomct2.ocx
  • from %WINDIR%\syswow64\msco241.rra to %WINDIR%\syswow64\mscomctl.ocx
  • from %WINDIR%\syswow64\msco608.rra to %WINDIR%\syswow64\mscomm32.ocx
  • from C:\thermal receipt printer 4.x\winlb55.rra to C:\thermal receipt printer 4.x\winlogo.ocx
  • from C:\thermal receipt printer 4.x\drivbc3.rra to C:\thermal receipt printer 4.x\driverinstaller.exe
  • from C:\thermal receipt printer 4.x\drivbe2.rra to C:\thermal receipt printer 4.x\driveruninstaller.exe
  • from %ProgramFiles(x86)%\installshield installation information\{4e7b5d5a-3e4a-4d26-9f8b-e820dc3ea5ef}\dataf46c.rra to %ProgramFiles(x86)%\installshield installation information\{4e7b5d5a-3e4a-4d26-9f8b-e820dc3ea5ef}\data1.cab
  • from %ProgramFiles(x86)%\installshield installation information\{4e7b5d5a-3e4a-4d26-9f8b-e820dc3ea5ef}\setuf47b.rra to %ProgramFiles(x86)%\installshield installation information\{4e7b5d5a-3e4a-4d26-9f8b-e820dc3ea5ef}\setup.exe
  • from %ProgramFiles(x86)%\installshield installation information\{4e7b5d5a-3e4a-4d26-9f8b-e820dc3ea5ef}\dataf45c.rra to %ProgramFiles(x86)%\installshield installation information\{4e7b5d5a-3e4a-4d26-9f8b-e820dc3ea5ef}\data1.hdr
  • from %ProgramFiles(x86)%\installshield installation information\{4e7b5d5a-3e4a-4d26-9f8b-e820dc3ea5ef}\layof45c.rra to %ProgramFiles(x86)%\installshield installation information\{4e7b5d5a-3e4a-4d26-9f8b-e820dc3ea5ef}\layout.bin
  • from %TEMP%\{1a006f74-584f-43a3-afec-d41b6b6b4177}\{4e7b5d5a-3e4a-4d26-9f8b-e820dc3ea5ef}\_isrecdd.rra to %TEMP%\{1a006f74-584f-43a3-afec-d41b6b6b4177}\{4e7b5d5a-3e4a-4d26-9f8b-e820dc3ea5ef}\_isres.dll
  • from %CommonProgramFiles(x86)%\installshield\professional\runtime\0700\intel32\ispe34e.tmp\setup.dll to %CommonProgramFiles(x86)%\installshield\professional\runtime\0700\intel32\setup.dll
  • from %CommonProgramFiles(x86)%\installshield\professional\runtime\0700\intel32\ispe3be.tmp\temp.000 to %CommonProgramFiles(x86)%\installshield\professional\runtime\0700\intel32\ispe3be.tmp\igdi.dll
  • from %CommonProgramFiles(x86)%\installshield\professional\runtime\0700\intel32\ispe3be.tmp\igdi.dll to %CommonProgramFiles(x86)%\installshield\professional\runtime\0700\intel32\igdi.dll
  • from %TEMP%\ispe3bd.tmp\temp.000 to %TEMP%\ispe3bd.tmp\_setup.dll
  • from %CommonProgramFiles(x86)%\installshield\professional\runtime\0700\intel32\ikee46d.tmp to %CommonProgramFiles(x86)%\installshield\professional\runtime\0700\intel32\ikernel.dll
  • from %CommonProgramFiles(x86)%\installshield\professional\runtime\0700\intel32\dote4bc.tmp to %CommonProgramFiles(x86)%\installshield\professional\runtime\0700\intel32\dotnetinstaller.exe
  • from C:\thermal receipt printer 4.x\voucc01.rra to C:\thermal receipt printer 4.x\vouchurmaker.exe
  • from %WINDIR%\syswow64\comd1f.rra to %WINDIR%\syswow64\comdlg32.ocx
  • from %CommonProgramFiles(x86)%\installshield\professional\runtime\0700\intel32\ctoe52a.tmp to %CommonProgramFiles(x86)%\installshield\professional\runtime\0700\intel32\ctor.dll
  • from %CommonProgramFiles(x86)%\installshield\professional\runtime\obje695.tmp to %CommonProgramFiles(x86)%\installshield\professional\runtime\objectps.dll
  • from %TEMP%\{1a006f74-584f-43a3-afec-d41b6b6b4177}\{4e7b5d5a-3e4a-4d26-9f8b-e820dc3ea5ef}\setuec51.rra to %TEMP%\{1a006f74-584f-43a3-afec-d41b6b6b4177}\{4e7b5d5a-3e4a-4d26-9f8b-e820dc3ea5ef}\setup.inx
  • from %TEMP%\{1a006f74-584f-43a3-afec-d41b6b6b4177}\coreec80.rra to %TEMP%\{1a006f74-584f-43a3-afec-d41b6b6b4177}\corecomp.ini
  • from %TEMP%\{1a006f74-584f-43a3-afec-d41b6b6b4177}\{4e7b5d5a-3e4a-4d26-9f8b-e820dc3ea5ef}\striec9f.rra to %TEMP%\{1a006f74-584f-43a3-afec-d41b6b6b4177}\{4e7b5d5a-3e4a-4d26-9f8b-e820dc3ea5ef}\stringtable-0009-english.ips
  • from %TEMP%\{1a006f74-584f-43a3-afec-d41b6b6b4177}\{4e7b5d5a-3e4a-4d26-9f8b-e820dc3ea5ef}\isrtecaf.rra to %TEMP%\{1a006f74-584f-43a3-afec-d41b6b6b4177}\{4e7b5d5a-3e4a-4d26-9f8b-e820dc3ea5ef}\isrt.dll
  • from %TEMP%\{1a006f74-584f-43a3-afec-d41b6b6b4177}\{4e7b5d5a-3e4a-4d26-9f8b-e820dc3ea5ef}\defaecce.rra to %TEMP%\{1a006f74-584f-43a3-afec-d41b6b6b4177}\{4e7b5d5a-3e4a-4d26-9f8b-e820dc3ea5ef}\default.pal
  • from %CommonProgramFiles(x86)%\installshield\professional\runtime\0700\intel32\ispe34e.tmp\temp.000 to %CommonProgramFiles(x86)%\installshield\professional\runtime\0700\intel32\ispe34e.tmp\setup.dll
  • from %CommonProgramFiles(x86)%\installshield\professional\runtime\0700\intel32\iuse5e7.tmp to %CommonProgramFiles(x86)%\installshield\professional\runtime\0700\intel32\iuser.dll
  • from C:\thermal receipt printer 4.x\win8\unidd39.rra to C:\thermal receipt printer 4.x\win8\unidrvui.dll
  • from C:\thermal receipt printer 4.x\win64\itanium\lknef6b.rra to C:\thermal receipt printer 4.x\win64\itanium\lknew4.ini
  • from C:\thermal receipt printer 4.x\win8\lknec6e.rra to C:\thermal receipt printer 4.x\win8\lknew4.dll
  • from C:\thermal receipt printer 4.x\winxp\lknecbc.rra to C:\thermal receipt printer 4.x\winxp\lknew4a.ini
  • from C:\thermal receipt printer 4.x\winxp\lkneccc.rra to C:\thermal receipt printer 4.x\winxp\lknew4e.dll
  • from C:\thermal receipt printer 4.x\winxp\lknecdb.rra to C:\thermal receipt printer 4.x\winxp\lknew4ui.dll
  • from C:\thermal receipt printer 4.x\winxp\stdne13.rra to C:\thermal receipt printer 4.x\winxp\stdnames.gpd
  • from C:\thermal receipt printer 4.x\winxp\unide23.rra to C:\thermal receipt printer 4.x\winxp\unidrv.dll
  • from C:\thermal receipt printer 4.x\winxp\unide33.rra to C:\thermal receipt printer 4.x\winxp\unidrv.hlp
  • from C:\thermal receipt printer 4.x\winlc20.rra to C:\thermal receipt printer 4.x\winlogo.exe
  • from C:\thermal receipt printer 4.x\winxp\unire42.rra to C:\thermal receipt printer 4.x\winxp\unires.dll
  • from C:\thermal receipt printer 4.x\win64\2003\unide90.rra to C:\thermal receipt printer 4.x\win64\2003\unidrv.hlp
  • from C:\thermal receipt printer 4.x\win64\2003\unideaf.rra to C:\thermal receipt printer 4.x\win64\2003\unidrvui.dll
  • from C:\thermal receipt printer 4.x\win64\2003\unireee.rra to C:\thermal receipt printer 4.x\win64\2003\unires.dll
  • from C:\thermal receipt printer 4.x\win64\itanium\lk-tefd.rra to C:\thermal receipt printer 4.x\win64\itanium\lk-txxx.inf
  • from C:\thermal receipt printer 4.x\win64\itanium\lknef3c.rra to C:\thermal receipt printer 4.x\win64\itanium\lknew4.dll
  • from C:\thermal receipt printer 4.x\win64\itanium\lknef5b.rra to C:\thermal receipt printer 4.x\win64\itanium\lknew4.gpd
  • from C:\thermal receipt printer 4.x\winxp\lknec3f.rra to C:\thermal receipt printer 4.x\winxp\lknew4.dll
  • from C:\thermal receipt printer 4.x\winxp\lknee04.rra to C:\thermal receipt printer 4.x\winxp\lknew4.gpd
  • from C:\thermal receipt printer 4.x\winxp\lk-tdf4.rra to C:\thermal receipt printer 4.x\winxp\lk-txxx.inf
  • from C:\thermal receipt printer 4.x\winnt\therdf4.rra to C:\thermal receipt printer 4.x\winnt\thermal.ini
  • from C:\thermal receipt printer 4.x\winnt\therde5.rra to C:\thermal receipt printer 4.x\winnt\thermal.dll
  • from C:\thermal receipt printer 4.x\win8\lknecad.rra to C:\thermal receipt printer 4.x\win8\lknew4.ini
  • from C:\thermal receipt printer 4.x\win8\lknecbc.rra to C:\thermal receipt printer 4.x\win8\lknew4a.ini
  • from C:\thermal receipt printer 4.x\win8\lkneccc.rra to C:\thermal receipt printer 4.x\win8\lknew4e.dll
  • from C:\thermal receipt printer 4.x\win8\lknecfb.rra to C:\thermal receipt printer 4.x\win8\lknew4ui.dll
  • from C:\thermal receipt printer 4.x\win8\stdnd0a.rra to C:\thermal receipt printer 4.x\win8\stdnames.gpd
  • from C:\thermal receipt printer 4.x\win8\unidd1a.rra to C:\thermal receipt printer 4.x\win8\unidrv.dll
  • from C:\thermal receipt printer 4.x\win8\lk-tc30.rra to C:\thermal receipt printer 4.x\win8\lk-txxx.inf
  • from C:\thermal receipt printer 4.x\win64\itanium\lknef7a.rra to C:\thermal receipt printer 4.x\win64\itanium\lknew4e.dll
  • from C:\thermal receipt printer 4.x\win8\unidd29.rra to C:\thermal receipt printer 4.x\win8\unidrv.hlp
  • from C:\thermal receipt printer 4.x\winnt\genpd97.rra to C:\thermal receipt printer 4.x\winnt\genprint.dll
  • from C:\thermal receipt printer 4.x\winnt\minid97.rra to C:\thermal receipt printer 4.x\winnt\miniprint.inf
  • from C:\thermal receipt printer 4.x\winnt\rasdda6.rra to C:\thermal receipt printer 4.x\winnt\rasdd.dll
  • from C:\thermal receipt printer 4.x\winnt\rasddb6.rra to C:\thermal receipt printer 4.x\winnt\rasddui.dll
  • from C:\thermal receipt printer 4.x\winnt\rasddd5.rra to C:\thermal receipt printer 4.x\winnt\rasddui.hlp
  • from C:\thermal receipt printer 4.x\winnt\setudd5.rra to C:\thermal receipt printer 4.x\winnt\setuppp.exe
  • from C:\thermal receipt printer 4.x\win8\lknec9d.rra to C:\thermal receipt printer 4.x\win8\lknew4.gpd
  • from C:\thermal receipt printer 4.x\win8\unird58.rra to C:\thermal receipt printer 4.x\win8\unires.dll
  • from C:\thermal receipt printer 4.x\winxp\language\lkne1479.rra to C:\thermal receipt printer 4.x\winxp\language\lknew4_950.gpd
Substitutes the following files
  • %ProgramFiles(x86)%\installshield installation information\{4e7b5d5a-3e4a-4d26-9f8b-e820dc3ea5ef}\setuf47b.rra
  • %ProgramFiles(x86)%\installshield installation information\{4e7b5d5a-3e4a-4d26-9f8b-e820dc3ea5ef}\setup.ini
  • C:\thermal receipt printer 4.x\winlogo.ocx
  • C:\thermal receipt printer 4.x\winxp\lknee04.rra
  • C:\thermal receipt printer 4.x\winxp\unide33.rra
  • C:\thermal receipt printer 4.x\win64\server2012\lkne1045.rra
  • C:\thermal receipt printer 4.x\win8\language\lkne13fd.rra
  • C:\thermal receipt printer 4.x\win8\language\lkne145a.rra
Miscellaneous
Creates and executes the following
  • '%TEMP%\pftd347.tmp\disk1\setup.exe'
  • '%TEMP%\pftd347.tmp\disk1\setup.exe' -deleter
  • 'C:\thermal receipt printer 4.x\driverinstaller.exe'
  • 'C:\thermal receipt printer 4.x\driverinstaller.exe' ' (with hidden window)

Рекомендации по лечению

  1. В случае если операционная система способна загрузиться (в штатном режиме или режиме защиты от сбоев), скачайте лечащую утилиту Dr.Web CureIt! и выполните с ее помощью полную проверку вашего компьютера, а также используемых вами переносных носителей информации.
  2. Если загрузка операционной системы невозможна, измените настройки BIOS вашего компьютера, чтобы обеспечить возможность загрузки ПК с компакт-диска или USB-накопителя. Скачайте образ аварийного диска восстановления системы Dr.Web® LiveDisk или утилиту записи Dr.Web® LiveDisk на USB-накопитель, подготовьте соответствующий носитель. Загрузив компьютер с использованием данного носителя, выполните его полную проверку и лечение обнаруженных угроз.
Демо бесплатно

 

Скачать Dr.Web

По серийному номеру

Выполните полную проверку системы с использованием Антивируса Dr.Web Light для macOS. Данный продукт можно загрузить с официального сайта Apple App Store.

Демо бесплатно

 

Скачать Dr.Web

По серийному номеру

Скачать Dr.Web с Apple Store

На загруженной ОС выполните полную проверку всех дисковых разделов с использованием продукта Антивирус Dr.Web для Linux.

Демо бесплатно

 

Скачать Dr.Web

По серийному номеру

  1. Если мобильное устройство функционирует в штатном режиме, загрузите и установите на него бесплатный антивирусный продукт Dr.Web для Android Light. Выполните полную проверку системы и используйте рекомендации по нейтрализации обнаруженных угроз.
  2. Если мобильное устройство заблокировано троянцем-вымогателем семейства Android.Locker (на экране отображается обвинение в нарушении закона, требование выплаты определенной денежной суммы или иное сообщение, мешающее нормальной работе с устройством), выполните следующие действия:
    • загрузите свой смартфон или планшет в безопасном режиме (в зависимости от версии операционной системы и особенностей конкретного мобильного устройства эта процедура может быть выполнена различными способами; обратитесь за уточнением к инструкции, поставляемой вместе с приобретенным аппаратом, или напрямую к его производителю);
    • после активации безопасного режима установите на зараженное устройство бесплатный антивирусный продукт Dr.Web для Android Light и произведите полную проверку системы, выполнив рекомендации по нейтрализации обнаруженных угроз;
    • выключите устройство и включите его в обычном режиме.

Подробнее о Dr.Web для Android

Демо бесплатно на 14 дней

Выдаётся при установке

Скачать с сайта
Скачать с Google Play