Trojan.MulDrop18.5681

Added to the Dr.Web virus database: 2021-07-25

Description added:

Technical Information

To ensure autorun and distribution
Creates or modifies the following files
  • <SYSTEM32>\tasks\harddisksentinel\hard disk sentinel_user
Modifies file system
Creates the following files
Deletes the following files
  • %TEMP%\210725003948004.65691291.tmp
Moves the following files
Miscellaneous
Searches for the following windows
  • ClassName: 'Progman' WindowName: ''
  • ClassName: 'MS_WINHELP' WindowName: ''
Creates and executes the following
  • '<Current directory>\hard disk sentinel\local\stubexe\0xe6c8b668c31bf07c\hdsentinel.exe' /864A627C-C6B2-464A-AA13-25D62F282BD8
  • '<Current directory>\hard disk sentinel\local\stubexe\0x4e91e1ace02b7e23\detect.dll' /864A627C-C6B2-464A-AA13-25D62F282BD8
  • '<Current directory>\hard disk sentinel\local\stubexe\0x5fd838835c5871b0\fsutil.exe' /864A627C-C6B2-464A-AA13-25D62F282BD8
  • '<Current directory>\hard disk sentinel\local\stubexe\0x088f090cde8fa25d\cscript.exe' /864A627C-C6B2-464A-AA13-25D62F282BD8
  • '<Current directory>\hard disk sentinel\local\stubexe\0x4e91e1ace02b7e23\detect.dll' /864A627C-C6B2-464A-AA13-25D62F282BD8' (with hidden window)
  • '<Current directory>\hard disk sentinel\local\stubexe\0x5fd838835c5871b0\fsutil.exe' /864A627C-C6B2-464A-AA13-25D62F282BD8' (with hidden window)
  • '<Current directory>\hard disk sentinel\local\stubexe\0x088f090cde8fa25d\cscript.exe' /864A627C-C6B2-464A-AA13-25D62F282BD8' (with hidden window)

Curing recommendations

  1. If the operating system can be booted (normally or in safe mode), download the Dr.Web CureIt! curing utility and use it to run a full scan of your computer and of any removable media you use.
  2. If the operating system cannot be booted, change your computer's BIOS settings so that the PC can boot from a CD or USB drive. Download the image of the Dr.Web® LiveDisk emergency system recovery disk or the utility for writing Dr.Web® LiveDisk to a USB drive, and prepare the corresponding media. After booting the computer from this media, run a full scan and cure the detected threats.

Run a full system scan using Dr.Web Light Anti-virus for macOS. This product can be downloaded from the official Apple App Store site.

On the booted OS, run a full scan of all disk partitions using Dr.Web Anti-virus for Linux.


  1. If the mobile device is operating normally, download and install the free anti-virus product Dr.Web for Android Light on it. Run a full system scan and follow the recommendations for neutralizing the detected threats.
  2. If the mobile device has been locked by a ransomware trojan of the Android.Locker family (the screen shows an accusation of breaking the law, a demand to pay a certain sum of money, or some other message that prevents normal use of the device), do the following:
    • boot your smartphone or tablet in safe mode (depending on the operating system version and the specifics of the particular mobile device, this procedure can be performed in different ways; for details, consult the manual supplied with the device or contact its manufacturer directly);
    • once safe mode is active, install the free anti-virus product Dr.Web for Android Light on the infected device and run a full system scan, following the recommendations for neutralizing the detected threats;
    • turn the device off and turn it back on in normal mode.
