Para el funcionamiento correcto del sitio web, debe activar el soporte de JavaScript en su navegador.
Win32.HLLW.Autoruner.61264
Added to the Dr.Web virus database:
2011-10-02
Virus description added:
2011-10-02
Technical Information
Malicious functions:
Creates and executes the following:
%WINDIR%\disk4.exe (downloaded from the Internet)
%WINDIR%\disk5.exe (downloaded from the Internet)
%WINDIR%\disk3.exe (downloaded from the Internet)
%WINDIR%\disk1.exe (downloaded from the Internet)
%WINDIR%\disk2.exe (downloaded from the Internet)
Modifies file system :
Creates the following files:
%HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\SL6TKFAX\kwmusic_msnassistant[1].exe
%WINDIR%\disk3.exe
%WINDIR%\disk4.exe
%WINDIR%\disk5.exe
%HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\wl0419152[1].exe
%WINDIR%\disk1.exe
%HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\zz623[1].exe
%HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\t086[1].wko
%HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\coopen_setup_100180[1].exe
%WINDIR%\disk2.exe
Network activity:
Connects to:
'do####ad.coopen.cn':80
'do##.kuwo.cn':80
'do##.emoney.cn':80
'localhost':1034
'd.###sanguo.com':80
'www.xu###i100.com':80
TCP:
HTTP GET requests:
do##.kuwo.cn/mbox/kwmusic_msnassistant.exe
do##.emoney.cn/wl0419152.exe
do####ad.coopen.cn/setup/v5/coopen_setup_100180.exe
d.###sanguo.com/623/zz623.exe
www.xu###i100.com/msn/software/partner/dwq0617/t086.wko
UDP:
DNS ASK do####ad.coopen.cn
DNS ASK do##.kuwo.cn
DNS ASK do##.emoney.cn
DNS ASK d.###sanguo.com
DNS ASK www.xu###i100.com
'<Private IP address>':1035
Descargue Dr.Web para Android
Gratis por 3 meses
Todos los componentes de protección
Renovación de la demo a través de AppGallery/Google Pay
Si Vd. continúa usando este sitio web, esto significa que Vd. acepta el uso de archivos Cookie y otras tecnologías para que recabemos las estadísticas sobre los visitantes. Más información
OK