Meu Bitdefender
  • 0 Shopping Cart


Facebook Twitter Google Plus

Ferramentas de Remoção de Vírus Gratuitas

Pc infectado com um vírus específico? Livre-se dele agora, de graça! Basta navegar pela nossa base de dados de vírus conhecidos abaixo e clicar no botão de download para iniciar o processo de remoção do vírus!

Atividade de vírus

nível de ameaça

Nível de Alerta : normal
Últimas Notícias
Open Redirect Vulnerability on MasterCard’s Australia Web Site
An open redirect vulnerability has been found on MasterCard’s Australia web site (ma [...]
Leia mais
Game On! Bitdefender 2015 Boosts Your Gaming Experience
The new Bitdefender 2015 loves gamers. It now protects your in-game life from the outside [...]
Leia mais
Five Severe Vulnerabilities Fixed in Siemens’ SIMATIC WinCC SCADA System
Siemens has issued an update to its SIMATIC WinCC SCADA system due to five severe vulnerab [...]
Leia mais
Fancy $110,000? Easy! Just be Russian and find a way of cracking Tor
It looks like Russia is looking for a way to crack down on those who try to hide their act [...]
Leia mais
Bug-Free MicroKernel for Protecting Drones Goes Open Source
The alleged mathematically proven bug-free microkernel for drone protection is going open [...]
Leia mais
Pushdo Botnet Tops 40k
According to Bitdefender researchers who are monitoring the sinkholed Pushdo domains, the [...]
Leia mais
Pushdo Sinkholing Continues, Size of Problem now Apparent
The sinkholing of Pushdo C&C domains continues and it has become apparent that the bot [...]
Leia mais
New Pushdo Variant Surfaces
Bitdefender researchers Alexandru Maximciuc, Cristina Vatamanu, Doina Cosovan, Paul Boț a [...]
Leia mais
On Cryptolocker and the Commercial Malware Delivery Platform behind It
In an ever-connected world, malware thrives and multiplies at an incredible rate. More tha [...]
Leia mais
Reveton / IcePol Ransomware Moves to Android
It was just a matter of time until the highly prolific gang behind the Reveton / IcePol ne [...]
Leia mais
Ferramenta de remoção especial


2.7 MB
Upon execution the worm copies itself in the windows system folder as kspool.exe and adds a key in the system registry to be run upon startup, named
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\Kernel spooler
It then proceeds to spreading, which is done by
a) copying itself as
 >%DriveLetter%\MSSETUP.T~~\Uninstall Driver.exe
where %DriveLetter% is a network mapped drive, creating also a folder.htt file in the same folder, to run the malware when the folder is accessed by Explorer
b) by the dropped library, AVWAV32.DLL, which has file infector behaviour:
It scans the computer for document files (.doc, .xls, .ldf, .mdf) to which it prepends itself and whose extensions are changed to .exe. Upon execution of such a file, the malware infects the computer it is run on, drops the original document and opens it. [...] [...]
carregar mais resultados