Threat Information for "Win32.HLLW.Generic.96"

Removal Top

StopSign will automatically remove this infection with a paid membership.

Summary Top
  • Name: Win32.HLLW.Generic.96
  • Aliases:
  • Date Discovered: 2006-10-25
  • Protection Added: 2006-11-02
Description Top 
-- Ease of Removal

1: Uses running processes
2: Consistently named
3: Consistent file contents
4: Creates new registry entries with consistent data

-- Privacy Risks/Security Changes

1: Mimics legitimate file names
2: Modifies host files

-- Damage/Intrusion/Annoyance

1: Creates new files
2: Downloads other threats
3: Significantly slows down the computer

-- Propagation/Saturation

1: Installed by other infections
2: Infects from an email attachment
3: Infects from a link in an email
4: Spreads to other computers on the same network
Technical Details Top
  • Added Directory/File:
    FilePath: %SYSTEMDIR%\iexplore.exe
  • Added Directory/File:
    FilePath: %SYSTEMDIR%\bsfirst*.log
  • Added Directory/File:
    FilePath: %WINDIR%\rundll32.exe
  • Added Directory/File:
    FilePath: %SYSTEMDIR%\userinit32.exe
  • Added Directory/File:
    FilePath: %SYSTEMDIR%\explorer.exe
  • Added Directory/File:
    FilePath: %SYSTEMDIR%\rundll32.exe