Meu Bitdefender
  • 0 Shopping Cart


Facebook Twitter Google Plus

Ferramentas de Remoção de Vírus Gratuitas

Pc infectado com um vírus específico? Livre-se dele agora, de graça! Basta navegar pela nossa base de dados de vírus conhecidos abaixo e clicar no botão de download para iniciar o processo de remoção do vírus!

Atividade de vírus

nível de ameaça

Nível de Alerta : normal
Últimas Notícias
Android users offered $5 refund for useless anti-virus app
Earlier this month it was revealed that well over 10,000 Android users had bought an anti- [...]
Leia mais
Latest Facebook Survey Questions Users about Privacy, Annoying Posts
Facebook is curious about privacy, annoying posts and the overall experience on the platfo [...]
Leia mais
Hackers Breach NASA Database, Leak Account Credentials, Emails and Passwords
The GrenXPaRTa hackers group breached the systems of National Aeronautics and Space Admini [...]
Leia mais
Backdoor Still Hidden in Patch for Wi-Fi Routers
The backdoor affecting Sercomm wireless DSL routers has not been fixed, and lays hidden in [...]
Leia mais
Scam Easter Basket Packed with Fake Vouchers, Viagra and Religious Fraud
Cyber-criminals are hiding dangerous goodies among the Easter eggs and chocolate bunnies t [...]
Leia mais
Bitdefender Blocks .rtf Exploit
Bitdefender has added detection to all products for code exploiting the recently revealed [...]
Leia mais
Trojan Promises Naked Videos of Facebook Friends
More than 2,000 people have been tricked into installing a Trojan after clicking on a new [...]
Leia mais
Digging into Facebook ads: finding clues that indicate a scam pattern
The paper by Bitdefender developer Andrei Serbanoiu, titled Digging into Facebook ads: fin [...]
Leia mais
Icepol MDN – A Server Snapshot
Bitdefender researchers have gained access on September 26, 2013 to the disk images of a s [...]
Leia mais
On the Cryptolocker Takedown #fail
Bitdefender researchers have identified a number of domains which are still hosting Crypto [...]
Leia mais
Ferramenta de remoção especial


2.7 MB
Upon execution the worm copies itself in the windows system folder as kspool.exe and adds a key in the system registry to be run upon startup, named
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\Kernel spooler
It then proceeds to spreading, which is done by
a) copying itself as
 >%DriveLetter%\MSSETUP.T~~\Uninstall Driver.exe
where %DriveLetter% is a network mapped drive, creating also a folder.htt file in the same folder, to run the malware when the folder is accessed by Explorer
b) by the dropped library, AVWAV32.DLL, which has file infector behaviour:
It scans the computer for document files (.doc, .xls, .ldf, .mdf) to which it prepends itself and whose extensions are changed to .exe. Upon execution of such a file, the malware infects the computer it is run on, drops the original document and opens it. [...] [...]
carregar mais resultados