Ferramentas de Remoção de Vírus Gratuitas
Pc infectado com um vírus específico? Livre-se dele agora, de graça! Basta navegar pela nossa base de dados de vírus conhecidos abaixo e clicar no botão de download para iniciar o processo de remoção do vírus!
Atividade de vírus
nível de ameaça
Dutch Keep Cash under Mattress after DDoS Attacks
The Dutch increasingly keep extra cash at home after the recent DDoS attacks targeting the [...]
Leia mais
Detective Arrested for Hacking out of Obsessive Love
A New York detective was arrested after allegedly spying on over 30 people, including poli [...]
Leia mais
Five Percent of the Internet Could Be Hijacked via Embedded OS Flaws
The 2012 Internet Census published earlier this year revealed that embedded devices are fa [...]
Leia mais
Guantanamo Wi-Fi Cut Off after Anonymous Threat
Guantanamo Bay Naval Base shut down its wireless connection to bar prisoners from accessin [...]
Leia mais
Kids Watch Porn Online as Early as Age 6, Bitdefender Study Shows
Kids start watching porn online from as early as the age of 6, and flirting on the Interne [...]
Leia mais
New TDL Clones in the Wild
New TDL clones are making the rounds these days, according to Bitdefender Labs antimalware [...]
Leia mais
BTC Acceptance Rising – Among Cyber-thieves
While the actual Bitcoin currency might have its ups and downs, the notion that it is real [...]
Leia mais
Police Ransomware Trojan Morphs, Spreads
The Trojan.Icepol e-threat (that we’ve covered here before) is still alive and very [...]
Leia mais
MiniDuke – The Final Cut
Bitdefender Labs analysts have taken the time to put together an in-depth look at MiniDuke [...]
Leia mais
How to Target a Collection Tool – MiniDuke
The 2012 sample of MiniDuke is now fully analyzed and the results are in, revealing a surp [...]
Leia mais
Ferramenta de remoção especial
Win32.Worm.Delf.NCZ
BAIXO
BAIXO
2.7 MB
05.23.2007
Upon execution the worm copies itself in the windows system folder as kspool.exe and adds a key in the system registry to be run upon startup, named
a) copying itself as
and
b) by the dropped library, AVWAV32.DLL, which has file infector behaviour:
It scans the computer for document files (.doc, .xls, .ldf, .mdf) to which it prepends itself and whose extensions are changed to .exe. Upon execution of such a file, the malware infects the computer it is run on, drops the original document and opens it. [...] [...]
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\Kernel spoolerIt then proceeds to spreading, which is done by
a) copying itself as
>%DriveLetter%\MSSETUP.T~~\Uninstall Driver.exewhere %DriveLetter% is a network mapped drive, creating also a folder.htt file in the same folder, to run the malware when the folder is accessed by Explorer
and
b) by the dropped library, AVWAV32.DLL, which has file infector behaviour:
It scans the computer for document files (.doc, .xls, .ldf, .mdf) to which it prepends itself and whose extensions are changed to .exe. Upon execution of such a file, the malware infects the computer it is run on, drops the original document and opens it. [...] [...]
COMPARTILHE
ISSO EM