P2P-Worm.Win32.Palevo.bhnc
P2P-Worm.Win32.Palevo.bhnc is a network-aware worm that attempts to replicate across an existing network. P2P-Worm.Win32.Palevo.bhnc can also spread using Windows networking APIs, MAPI functions or email clients such as Microsoft Outlook. P2P-Worm.Win32.Palevo.bhnc often creates unknown email messages which contains a harmful spyware program and sometimes attaches itself to outgoing email messages. P2P-Worm.Win32.Palevo.bhnc also uses a misleading message which suggests that the recipient should open the attachment to see something interesting or important. P2P-Worm.Win32.Palevo.bhnc should not be allowed to spread and must be removed from the infected system immediately.
File System Modifications
- The following files were created in the system:
# File Name 1 %AppData%\wfti.exe
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International][HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]HKEY..\..\..\..{RegistryKeys}[HKEY_CURRENT_USER\Software]HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}wfti]
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.