JavaScript support is required for our site to be fully operational in your browser.
Win32.HLLW.Autoruner1.18725
Added to the Dr.Web virus database:
2012-07-07
Virus description added:
2020-06-16
Technical Information
Malicious functions
Searches for registry branches where third party applications store passwords
[<HKCU>\Software\Paltalk]
Modifies file system
Creates the following files
Deletes itself.
Network activity
TCP
HTTP GET requests
http://dl###.comli.com/index.php?ac#############################################
http://dl###.comli.com/index.php?ac#######################################################################
'00###bhost.com':443
UDP
DNS ASK dl###.comli.com
DNS ASK 00###bhost.com
Miscellaneous
Searches for the following windows
ClassName: 'MS_AutodialMonitor' WindowName: ''
ClassName: 'MS_WebCheckMonitor' WindowName: ''
Creates and executes the following
Download Dr.Web for Android
Free three-month trial
All protection features available
Renew your trial license in AppGallery/on Google Pay
By continuing to use this website, you are consenting to Doctor Web’s use of cookies and other technologies related to the collection of visitor statistics. Learn more
OK