Win32.HLLW.Autoruner2.23941
Added to the Dr.Web virus database:
2016-05-14
Description added:
2016-05-14
Technical Information
To ensure autorun and distribution:
Modifies the following registry keys:
[<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Taskman' = '%HOMEPATH%\aegvvp.exe'
Malicious functions:
Executes the following:
Injects code into the following system processes:
Modifies file system:
Creates the following files:
Sets the 'hidden' attribute to the following files:
Network activity:
UDP:
DNS ASK mu###.###tal-protection.net.ru
DNS ASK sl###.##fehousenumber.com
'mu###.###tal-protection.net.ru':30915
'sl###.##fehousenumber.com':30915
Miscellaneous:
Searches for the following windows: