Per il corretto funzionamento del sito, è necessario attivare il supporto di JavaScript nel browser.
Win32.HLLP.Flea.1
Aggiunto al database dei virus Dr.Web:
2010-03-09
La descrizione è stata aggiunta:
2019-07-22
Technical Information
To ensure autorun and distribution
Modifies the following registry keys
[<HKLM>\Software\Classes\exefile\shell\open\command] '' = '%WINDIR%\svchost.exe "%1" %*'
Infects the following executable files
%ALLUSERSPROFILE%\application data\adobe\setup\{ac76ba86-7ad7-1033-7b44-aa1000000001}\setup.exe
%TEMP%\pyl1.tmp.exe
%HOMEPATH%\my documents\chromesetup (1).exe
%HOMEPATH%\my documents\chromesetup.exe
%HOMEPATH%\my documents\firefox setup stub 40.0.2.exe
%HOMEPATH%\my documents\jre-8u60-windows-i586-iftw (1).exe
%HOMEPATH%\my documents\jre-8u60-windows-i586-iftw.exe
%HOMEPATH%\my documents\mirc743.exe
%HOMEPATH%\my documents\pidgin-2.10.11 (1).exe
%HOMEPATH%\my documents\pidgin-2.10.11.exe
%HOMEPATH%\my documents\qip2005.exe
%HOMEPATH%\my documents\steamsetup.exe
C:\msocache\all users\{90120000-0030-0000-0000-0000000ff1ce}-c\ose.exe
C:\msocache\all users\{90120000-0030-0000-0000-0000000ff1ce}-c\setup.exe
C:\msocache\all users\{90120000-0115-0409-0000-0000000ff1ce}-c\dw20.exe
C:\msocache\all users\{90120000-0115-0409-0000-0000000ff1ce}-c\dwtrig20.exe
<Drive name for removable media>:\utorrent.exe
<Drive name for removable media>:\winmine.exe
<Drive name for removable media>:\wrar520.exe
<Drive name for removable media>:\notepad.exe
%TEMP%\pyl1.tmp\pyrun.exe
<Drive name for removable media>:\chromesetup.exe
%TEMP%\pyl1.tmp\pylauncher.exe
%TEMP%\pyl1.tmp\bin\7z.exe
%ALLUSERSPROFILE%\application data\package cache\{01db25f3-1b76-4d97-88c8-1c90634d88fb}\vcredist_x86.exe
%ALLUSERSPROFILE%\application data\package cache\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}\vcredist_x86.exe
%ALLUSERSPROFILE%\application data\package cache\{615bc16d-60f5-482e-91b3-b51d8130963b}\vcredist_x86.exe
%ALLUSERSPROFILE%\application data\package cache\{74d0e5db-b326-4dae-a6b2-445b9de1836e}\vc_redist.x86.exe
%ALLUSERSPROFILE%\application data\package cache\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}\vcredist_x86.exe
%APPDATA%\icqm\icq\dll\mailrusputnik.exe
%APPDATA%\qipguard\qipguard.exe
%APPDATA%\qipguard\qipguard_upd.exe
%APPDATA%\telegram desktop\unins000.exe
%APPDATA%\telegram desktop\updater.exe
%HOMEPATH%\desktop\dotnetfx45_full_setup.exe
%HOMEPATH%\desktop\skypesetup.exe
%TEMP%\7f4987fb1a6e43d69e3e94b29eb75926\yandexsearch.exe
%TEMP%\downloader.exe
%TEMP%\mirc743.exe
%TEMP%\opera installer\installer.exe
%TEMP%\opera installer\opera_ni_stable[1].exe
%TEMP%\ose00000.exe
%TEMP%\ose00001.exe
%TEMP%\pyl1.tmp\bin\resize2fs.exe
<Drive name for removable media>:\skypesetup.exe
Modifies file system
Creates the following files
%WINDIR%\svchost.exe
%TEMP%\tmp8432\<File name>.exe
%TEMP%\tmp8432\~2d38
Scaricate Dr.Web per Android
Gratis per 3 mesi
Tutti i componenti di protezione
Rinnovo versione di prova tramite AppGallery/Google Pay
Continuando a utilizzare questo sito, l'utente acconsente al nostro utilizzo di file Cookie e di altre tecnologie per la raccolta di informazioni statistiche sui visitatori. Per maggiori informazioni
OK