But, that's just DanteG in another forum asking the same question!Originally posted by RSM123:
Unfortunately I just uninstalled Kazaa but read here :
go to http://www.tomcoyote.org/hjt/ , and download 'Hijack This!'.Win32/HLLP.Hantaner is a new executable files infector, written in Borland Delphi 6 and compressed with the well known packer UPX. The virus body size is 24064 bytes.
Hantaner infects all kind of executables (DOS executables, PE executables, etc.) - actually any file with ".exe" extension, by shifting the original file content with the hole virus body. It also spreads using Kazaa P2P sharing network, by infecting executables shared by the victim's computer
The first time when is executed, Hantaner will read from the registry the path for the Internet Explorer download directory and for Kazaa shared files and download directory locations. Then it will create a list with all executable files from those folders by searching for all files with ".exe" extension. Note that the files already infected by the virus are ignored.
At this point, Hantaner will create a temporary file, in the Windows temporary folder, file with name that starts with "Joi" (from "Joiner"). This file is used to drop the original host file (that was appended at infection time) and then the file will be executed.
After this, Hantaner calls the infection routine. All executables found will be infected. In this process, the virus creates two more files in the Windows directory: "Hanta" and "010101.dat". Those files are deleted when the infection process ends.
Evilness: Potentially destructive (corrupts data while replicating)
Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.
If you're not already familiar with forums, watch our Welcome Guide to get started.
Join over 807,865 other people just like you!