Files detected as W32.Mezit!inf are copies of legitimate Windows DLL files that have already been infected.
When the threat is executed, it creates the following files:
- %UserProfile%\Application Data\locallow\[RANDOM CHARACTERS].dll
- %UserProfile%\Application Data\roaming\[RANDOM CHARACTERS].dll
The threat may then infect the computer with malware in order to steal information from the compromised computer.
Symantec Security Response encourages all users and administrators to adhere to the following basic security "best practices":