Win32.HLLP.Kespo.4
Added to the Dr.Web virus database:
2017-10-27
Virus description added:
2019-07-24
Technical Information
To ensure autorun and distribution
Creates or modifies the following files
- %ALLUSERSPROFILE%\start menu\programs\startup\desktop.ini
Infects the following executable files
- %ALLUSERSPROFILE%\application data\adobe\setup\{ac76ba86-7ad7-1033-7b44-aa1000000001}\setup.exe
- %ALLUSERSPROFILE%\application data\package cache\{01db25f3-1b76-4d97-88c8-1c90634d88fb}\vcredist_x86.exe
- %ALLUSERSPROFILE%\application data\package cache\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}\vcredist_x86.exe
- %ALLUSERSPROFILE%\application data\package cache\{615bc16d-60f5-482e-91b3-b51d8130963b}\vcredist_x86.exe
- %ALLUSERSPROFILE%\application data\package cache\{74d0e5db-b326-4dae-a6b2-445b9de1836e}\vc_redist.x86.exe
- %ALLUSERSPROFILE%\application data\package cache\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}\vcredist_x86.exe
- %APPDATA%\icqm\icq\dll\mailrusputnik.exe
- %APPDATA%\icqm\icq\dll\mousephone.dll
- %APPDATA%\icqm\icq\dll\mratag.dll
Modifies file system
Modifies user data files (Trojan.Encoder).
欢迎下载
Dr.Web for Android
-
免费3个月
-
可使用所有保护组件
-
可在AppGallery/Google Pay延期
继续使用此网站意味着您同意我们使用Cookie文件和其他用于收集网站访问统计信息的技术手段。详细信息