Defend what you create

Other Resources


My library

+ Add to library

Contact us
24/7 Tech support | Rules regarding submitting

Send a message

Your tickets



Added to the Dr.Web virus database: 2012-07-07

Virus description added:

Technical Information

Malicious functions
Searches for registry branches where third party applications store passwords
  • [<HKCU>\Software\Paltalk]
Modifies file system
Creates the following files
  • %TEMP%\<File name>.exe
Deletes itself.
Network activity
HTTP GET requests
  • '':443
  • UDP
    • DNS ASK
    • DNS ASK
    Searches for the following windows
    • ClassName: 'MS_AutodialMonitor' WindowName: ''
    • ClassName: 'MS_WebCheckMonitor' WindowName: ''
    Creates and executes the following
    • '%TEMP%\<File name>.exe'

    The Russian developer of Dr.Web anti-viruses

    Doctor Web has been developing anti-virus software since 1992

    Dr.Web is trusted by users around the world in 200+ countries

    The company has delivered an anti-virus as a service since 2007

    24/7 tech support

    Dr.Web © Doctor Web
    2003 — 2020

    Doctor Web is the Russian developer of Dr.Web anti-virus software. Dr.Web anti-virus software has been developed since 1992.

    2-12А, 3rd street Yamskogo polya, Moscow, Russia, 125040