Win32.HLLW.Autoruner1.33762
Added to the Dr.Web virus database:
2013-02-21
Virus description added:
2013-03-13
Technical Information
Malicious functions:
Creates and executes the following:
Executes the following:
- <SYSTEM32>\rundll32.exe user32, SwapMouseButton
- <SYSTEM32>\cmd.exe /c bat.bat
Modifies file system :
Creates the following files:
- <Current directory>\NGZMZR.BOL
- <Current directory>\ESLSPB.KMT
- <Current directory>\MWKOWA.UOS
- <SYSTEM32>\Log.txt
- <Current directory>\AZBJEX.CPM
- <Current directory>\SLZMJW.BYQ
- <Current directory>\KGEKWC.QKE
- <Current directory>\bat.bat
- <Current directory>\key.reg
- <SYSTEM32>\KeyLogger.exe
- <Current directory>\NYWPUS.JHA
- <Current directory>\QGEHFI.GZM
Sets the 'hidden' attribute to the following files:
欢迎下载
Dr.Web for Android
-
免费3个月
-
可使用所有保护组件
-
可在AppGallery/Google Pay延期
继续使用此网站意味着您同意我们使用Cookie文件和其他用于收集网站访问统计信息的技术手段。详细信息