Gnutella Forums


mstfyd September 1st, 2004 09:03 AM

It's yet another virus - W32.HLLW.Purol
 
[COLOR=firebrick][B][I][SIZE=1][FONT=arial] Found on the program (T-42832-)hacking tools 2002.exe

W32.HLLW.Purol Type: Worm
Infection Length: 38,225 bytes

Systems Affected: Windows 95, Windows 98, Windows NT, Windows 2000, Windows XP, Windows Me
Systems Not Affected: Windows 3.x, Microsoft IIS, Macintosh, OS/2, UNIX, Linux
Virus Definitions (Intelligent Updater) April 11, 2003
Damage - Payload: Deletes files: Attempts to delete directories belonging to several Antivirus programs.
Distribution - Shared drives: Attempts to spread through various file-sharing networks.
When W32.HLLW.Purol runs, it does the following:
Attempts to delete all the files from the following folders:
C:\Progra~1\eSafe\Protect
C:\Progra~1\McAfee VirusScan
C:\Progra~1\NORTON~1
C:\Progra~1\Acceleration Software\Anti-Virus
C:\Progra~1\F-prot
C:\Progra~1\Mcafee
C:\Progra~1\Kasper~1
C:\Progra~1\Avpersonal
C:\Progra~1\Bullguard

Adds the value:
"Winstart"="c:\windows\winstart32.exe"
to the following registry keys:
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunServices
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run

Checks the following folders:
C:\Windows\Myshares
C:\Program Files\Icq\Shared Files
C:\Program Files\Bearshare\Shared
C:\Program Files\Morpheus\My Shared Folder
C:\Program Files\Edonkey2000\Incoming
C:\Program Files\Gnucleus\Downloads
C:\Program Files\Gnucleus\Downloads\Incoming
C:\Program Files\Kazaa\My Shared Folder
C:\Program Files\Kazaa Lite\My Shared Folder
C:\Program Files\Limewire\Shared
Then, the worm copies itself to any of the folders that it finds.

It also adds registry values to all of the above, then happily sets about procreating. More details, plus how to remove it manually can be found at the Symantec site (among others). 2 viruses (virii?) in 2 days. Geez, I feel like one of those bomb-sniffing dogs!
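Added example, not part of the original posts: a Python check that looks for the indicators listed in the post above (the `Winstart` autostart value and worm-sized executables in the P2P shared folders). It assumes the input is a regedit text export and a list of (path, size) pairs; the function names and sample data are made up for illustration.

```python
import re
from pathlib import PureWindowsPath

# Indicators copied from the write-up quoted in the post; sample data below is constructed.
BASE = r"hkey_users\.default\software\microsoft\windows\currentversion"
RUN_KEYS = {BASE + r"\run", BASE + r"\runservices"}
VALUE_NAME, VALUE_DATA = "winstart", r"c:\windows\winstart32.exe"
WORM_SIZE = 38225  # "Infection Length" in bytes; a weak signal on its own
SHARED_DIRS = {d.lower() for d in (
    r"C:\Windows\Myshares", r"C:\Program Files\Icq\Shared Files",
    r"C:\Program Files\Bearshare\Shared", r"C:\Program Files\Morpheus\My Shared Folder",
    r"C:\Program Files\Edonkey2000\Incoming", r"C:\Program Files\Gnucleus\Downloads",
    r"C:\Program Files\Gnucleus\Downloads\Incoming", r"C:\Program Files\Kazaa\My Shared Folder",
    r"C:\Program Files\Kazaa Lite\My Shared Folder", r"C:\Program Files\Limewire\Shared",
)}
PAIR = re.compile(r'"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"')

def unescape(s):
    # .reg exports write a backslash as \\ and a quote as \"
    return re.sub(r"\\(.)", r"\1", s)

def parse_reg_export(text):
    """Yield (key, name, data) for string values in a regedit text export."""
    key = None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
        elif key and (m := PAIR.fullmatch(line)):
            yield key, unescape(m.group(1)), unescape(m.group(2))

def find_persistence(reg_text):
    """Run/RunServices values whose name or data matches the worm's autostart entry."""
    return [(k, n, d) for k, n, d in parse_reg_export(reg_text)
            if k.lower() in RUN_KEYS and (n.lower() == VALUE_NAME or d.lower() == VALUE_DATA)]

def find_suspect_copies(listing):
    """listing: (path, size) pairs; flag .exe files of the worm's size in a shared folder."""
    return [p for p, size in listing
            if size == WORM_SIZE and PureWindowsPath(p).suffix.lower() == ".exe"
            and str(PureWindowsPath(p).parent).lower() in SHARED_DIRS]

SAMPLE_REG = r'''[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Winstart"="c:\\windows\\winstart32.exe"
"ctfmon"="C:\\WINDOWS\\system32\\ctfmon.exe"
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunServices]
"Winstart"="c:\\windows\\winstart32.exe"
'''
SAMPLE_LISTING = [(r"C:\Program Files\Kazaa\My Shared Folder\sample one.exe", 38225),
                  (r"C:\Program Files\Limewire\Shared\setup.exe", 120000),
                  (r"C:\Temp\sample two.exe", 38225)]
```

A size match alone only marks a file for a closer look; the registry value pointing at `c:\windows\winstart32.exe` is the stronger of the two signals.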

deepblue September 1st, 2004 03:25 PM

You didn't really download and execute that program, did you? I half-way respect the script kiddie way, all hackers were at one time a script kiddie, but everyone knows to never download hacking tools from a P2P network, right? You should always use extreme caution if you dare to download and execute a program from a P2P network. Common sense will protect you from this worm.

mstfyd: once again man - [/FONT][/SIZE][/I][/B][/COLOR] I don't mean to be a smartass, but adding that to the end of your post will make it look a lot better.

deepblue

mstfyd December 18th, 2005 07:15 PM

Re: It's yet another virus - W32.HLLW.Purol
 
pfft! Norton Antivirus caught this in mid-download, so it never completed. However, I have been caught once by spamware which flew below Norton's radar, and later was caught by Ad Aware (not AA's fault, I thought that permission was being asked for something legit & granted it). Now, it's no more decisions on the sleep-deprivation diet :eek: . No way am I a programmer; although I briefly went to a programming blender school (mix 'em up, churn 'em out, dump the dregs, take the $), as a programmer, I make an excellent coffee cocktail :p






wondering why December 18th, 2005 10:38 PM

Why on earth are you pulling up old threads? This is the second thread today. That's not the way to increase your post tally lol...

Sphinx December 18th, 2005 10:50 PM

Kazaa pfft. One of the worst file sharing apps out there, no wonder why some of you noobs have no clue how to download from Gnutella. :rolleyes:

You might want to run only one file sharing app, it's any wonder how your computer isn't totally infested with spyware by now.

And I know it's an old thread. :D

jay173 December 18th, 2005 11:23 PM

Kazaa is still a big network, it just comes with a lot of adware does ads can't fight with the biggest network

deepblue December 18th, 2005 11:43 PM

Every P2P network has a lot of spyware/adware/malware. Get used to it. Use some common sense and it shouldn't be a problem.

deepblue

