Home / malware Win32.Klest
First posted on 21 November 2011.
Source: BitDefenderAliases :
Win32.Klest is also known as Virus.Win32.Downloader.ax;, W32.Mumawow.Y!inf; W32/Mypis.gen1;, W32/Downloader.E.
Explanation :
Once executed, the virus tries to download an executable file to C:
et.exe from one of the following locations:
- http://dd5.tesekl.info/[removed].exe
- http://w1.avpkav.com/[removed].exe
- http://dd.testkl.cn/[removed].exe
- http://dd2.tesekl.info/[removed].exe
and executes it. The downloaded file is a fileinfector which infects other files with this type of virus.
Most of installer packages become corrupted because the virus modifies the overlay data in an irredeemable way.
But the rest of files and all code data from executables can be restored by BitDefender.Last update 21 November 2011
