W32.Yazz

By GoldSparrow in Viruses

W32.Yazz is a virus that corrupts executable files and adds potentially harmful files onto the compromised PC. When run, W32.Yazz adds the potentially harmful files on the infected computers system. W32.Yazz also creates the UpdateWinTools.5.1 mutex so that only one instance of the virus is executed. W32.Yazz creates the registry entries so that it can load automatically whenever you start Windows. W32.Yazz looks up all drives for executable files and takes over them. W32.Yazz then looks up for network shares and creates copies of affected files using the specific file names. W32.Yazz then drops files from the particular remote locations.

Table of Contents

SpyHunter Detects & Remove W32.Yazz

File System Details

W32.Yazz may create the following file(s):

Expand All | Collapse All

#	File Name	MD5	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	%DriveLetter%\Hello.exe
Name: %DriveLetter%\Hello.exe Type: Executable File Group: Malware file
2.	%DriveLetter%\Money.exe
Name: %DriveLetter%\Money.exe Type: Executable File Group: Malware file
3.	%Temp%\ctxmon.exe
Name: %Temp%\ctxmon.exe Type: Executable File Group: Malware file
4.	%DriveLetter%\ReadMe.exe
Name: %DriveLetter%\ReadMe.exe Type: Executable File Group: Malware file
5.	%UserProfile%\Application Data\pwrwin.exe
Name: %UserProfile%\Application Data\pwrwin.exe Type: Executable File Group: Malware file
6.	%DriveLetter%\Report.exe
Name: %DriveLetter%\Report.exe Type: Executable File Group: Malware file
7.	%DriveLetter%\Sex.exe
Name: %DriveLetter%\Sex.exe Type: Executable File Group: Malware file
8.	file.exe	1cd123dd494d2aa13f7b4a48fbdb0b11	0
Name: file.exe MD5: 1cd123dd494d2aa13f7b4a48fbdb0b11 Size: 132.09 KB (132096 bytes) Detections: 0 Type: Executable File Group: Malware file Last Updated: March 20, 2013
9.	file.exe	bb950a71fb2d0874a28139cd4f25af98	0
Name: file.exe MD5: bb950a71fb2d0874a28139cd4f25af98 Size: 933.37 KB (933376 bytes) Detections: 0 Type: Executable File Group: Malware file Last Updated: March 20, 2013
10.	file.exe	ee04db913253bdc775e867f50ced4b79	0
Name: file.exe MD5: ee04db913253bdc775e867f50ced4b79 Size: 1.2 MB (1204224 bytes) Detections: 0 Type: Executable File Group: Malware file Last Updated: March 20, 2013
11.	file.exe	d0ac31c6d4da3c3487c6accd6a0f2fa2	0
Name: file.exe MD5: d0ac31c6d4da3c3487c6accd6a0f2fa2 Size: 188.41 KB (188416 bytes) Detections: 0 Type: Executable File Group: Malware file Last Updated: March 20, 2013
12.	file.exe	324afe91c48837e74cefc734d3da7110	0
Name: file.exe MD5: 324afe91c48837e74cefc734d3da7110 Size: 151.55 KB (151552 bytes) Detections: 0 Type: Executable File Group: Malware file Last Updated: March 20, 2013

Registry Details

W32.Yazz may create the following registry entry or registry entries:

HKEY..\..\..\..{RegistryKeys}

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\"atitool" = "%UserProfile%\Application Data\pwrwin.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\"atitool" = "%UserProfile%\Application Data\pwrwin.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\"yazzz" = "%Temp%\ctxmon.exe"

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

W32.Yazz

SpyHunter Detects & Remove W32.Yazz

File System Details

Registry Details

Submit Comment

Trending

Rzfu Ransomware

'YouPorn' Email Scam

Rzkd Ransomware

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen