Virus.Win32.Cheburgen.a
Virus.Win32.Cheburgen.a is a dangerous computer virus that has the ability to steal passwords from multiple online games. PWS-LegMir.gen, an alias of Virus.Win32.Cheburgen.a, spreads by using 'autorun.inf' in the root folder of available drives in the system and downloads updates of itself. It is recommended that Virus.Win32.Cheburgen.a be detected and safely removed with a spyware removal utility.
Aliases
PWSteal.Lemir.Gen (Symantec) Trojan.PWS.Legmir.875 (Doctor Web) TSPY_LEGMIR.AVS (Trend Micro) TR/Legmir.S (H+BEDV), Win32:TrojanPSW.Legendmir.13.BP (Grisoft)
Trojan.PWS.Lmir.VY (SOFTWIN)
Win32/PSW.Legendmir.NBG (Eset)
Trojan.PWS.Lmir.VY (SOFTWIN)
Win32/PSW.Legendmir.NBG (Eset)
File System Modifications
- The following files were created in the system:
# File Name 1 %ProgramFiles%\common files\system\ado\tsektjkj.exe 2 %ProgramFiles%\getpack\getpack22.exe 3 %ProgramFiles%\icheck\icheck.exe 4 %ProgramFiles%\netmeeting\rsewzjqn.exe 5 %System%\3361\svchost.exe 6 %System%\amvo.exe 7 %System%\blphc35dj0erc1.scr 8 %System%\csrsc.exe 9 %System%\dqrftqpn.exe 10 %System%\hard63.exe 11 %System%\hrnokwop.exe 12 %System%\ipodfixer.exe 13 %System%\klpglklr.exe 14 %System%\lphc35dj0erc1.exe 15 %System%\reader_s.exe 16 %System%\rs32net.exe 17 %System%\urdvxc.exe 18 %System%\vncsrv.exe 19 %System%\wsnpoema.exe 20 %System%\yhjcxfty.exe 21 %UserProfile%\lsass.exe 22 %UserProfile%\reader_s.exe 23 %Windir%\dnmee33.exe 24 %Windir%\pchealth\helpctr\system\compatctr\hrtbebze.exe 25 %Windir%\pchealth\helpctr\system\compatctr\jbnxjtkn.exe 26 %Windir%\pchealth\helpctr\system\compatctr\tnslrrhk.exe 27 %Windir%\pchealth\helpctr\system\compatctr\zlhqrlbx.exe 28 %Windir%\pchealth\helpctr\system\dvdupgrd\shrrtjet.exe 29 %Windir%\pchealth\helpctr\system\errmsg\vlvxqrek.exe 30 %Windir%\pchealth\helpctr\system\errors\jcjjlqnq.exe 31 %Windir%\pchealth\helpctr\system\netdiag\hsjqschn.exe 32 %Windir%\pchealth\helpctr\system\netdiag\xrvxszvs.exe 33 %Windir%\pchealth\helpctr\system\panels\nntlskwn.exe 34 %Windir%\pchealth\helpctr\system\panels\sncncweb.exe 35 %Windir%\pchealth\helpctr\system\rc\qbrblthb.exe 36 %Windir%\pchealth\helpctr\system\remote assistance\rqxjhbsl.exe 37 %Windir%\pchealth\helpctr\system\remote assistance\rzqstbqq.exe 38 %Windir%\pchealth\helpctr\system\remote assistance\wesnhzec.exe 39 %Windir%\pchealth\helpctr\system\sysinfo\bjlkjrls.exe 40 %Windir%\pchealth\helpctr\system\sysinfo\cntbrbzr.exe 41 %Windir%\pchealth\helpctr\system\sysinfo\jbrhbztz.exe 42 %Windir%\pchealth\helpctr\system\sysinfo\jrtqcssx.exe 43 %Windir%\pchealth\helpctr\system\sysinfo\rbcjjwqr.exe 44 %Windir%\pchealth\helpctr\system\sysinfo\rercrnhh.exe 45 %Windir%\pchealth\helpctr\system\sysinfo\rnbrkrlv.exe 46 %Windir%\pchealth\helpctr\system\sysinfo\vkchbbxh.exe 47 %Windir%\pchealth\helpctr\system\updatectr\lwklbvze.exe 48 %Windir%\pchealth\helpctr\system\updatectr\qxshkkqn.exe 49 %Windir%\pchealth\helpctr\system\updatectr\rrbvcsbb.exe 50 %Windir%\pchealth\helpctr\system\updatectr\snqesjrk.exe 51 %Windir%\pchealth\helpctr\system\updatectr\trkhkjxz.exe 52 %Windir%\svchost.exe 53 %Windir%\twain.exe 54 %Windir%\vmmreg32.exe 55 %Windir%\web\wcxnjhhj.exe 56 %Windir%\win32cam.exe 57 c:\inetpub\wwwroot\kkvwbsrw.exe 58 c:\r6r.exe 59 c:\tvsknrse.exe
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.