Virus.Win32.Hala.a
Virus.Win32.Hala.a is a dangerous worm parasite. Once Virus.Win32.Hala.a is installed, it can then compromise your system and personal information by allowing an outside attacker access to your computer. Virus.Win32.Hala.a may also display false positives and block legitimate anti-virus programs. Virus.Win32.Hala.a may go undetected but must be removed the instant that it is detected by a trustworthy spyware detection tool.
File System Modifications
- The following files were created in the system:
# File Name 1 %Program Files%\Mozilla Firefox\searchplugins\search.xml 2 %UserProfile%\Application Data\2565da61\278.mof 3 %UserProfile%\Application Data\2565da61\ag.cfg 4 %UserProfile%\Application Data\2565da61\AG.ico 5 %UserProfile%\Application Data\2565da61\AG345d.exe 6 %UserProfile%\Application Data\2565da61\AGSys 7 %UserProfile%\Application Data\2565da61\AGSys\vd952342.bd 8 %UserProfile%\Application Data\2565da61\mozcrt19.dll 9 %UserProfile%\Application Data\2565da61\sqlite3.dll 10 %UserProfile%\Application Data\Additional Guard\cookies.sqlite 11 %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Additional Guard.lnk 12 %UserProfile%\Desktop\Additional Guard.lnk 13 %UserProfile%\Recent\cb.exe 14 %UserProfile%\Recent\CLSV.tmp 15 %UserProfile%\Recent\ddv.dll 16 %UserProfile%\Recent\dudl.drv 17 %UserProfile%\Recent\energy.dll 18 %UserProfile%\Recent\energy.sys 19 %UserProfile%\Recent\exec.exe 20 %UserProfile%\Recent\fan.drv 21 %UserProfile%\Recent\FS.dll 22 %UserProfile%\Recent\PE.drv 23 %UserProfile%\Recent\ppal.exe 24 %UserProfile%\Recent\SICKBOY.tmp 25 %UserProfile%\Recent\tjd.sys 26 %UserProfile%\Start Menu\Additional Guard.lnk 27 %UserProfile%\Start Menu\Programs\Additional Guard.lnk
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_CLASSES_ROOT\Software\Microsoft\Internet Explorer\SearchScopes "URL" = "http://search-gala.com/?&uid=220&q={searchTerms}"HKEY_CURRENT_USER\Software\Classes\Software\Microsoft\Internet Explorer\SearchScopes "URL" = "http://search-gala.com/?&uid=220&q={searchTerms}"HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "RunInvalidSignatures" = "1"HKEY..\..\..\..{RegistryKeys}HKEY_CLASSES_ROOT\CLSID\{3F2BBC05-40DF-11D2-9455-00104BC936FF}HKEY_CLASSES_ROOT\xp_7a9be.DocHostUIHandlerHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Additional Guard"
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.