
Virus:DOS/Rovnix.V


First posted on 03 January 2014.
Source: Microsoft

Aliases :

There are no other names known for Virus:DOS/Rovnix.V.

Explanation :

Threat behavior

DOS/Rovnix.V is a malicious Volume Boot Record (VBR) that is loaded at boot time. It tries to tamper with some Windows kernel data in order to load its own malicious driver. This might bypass Driver Signature Enforcement on a 64-bit system.

The malicious driver injects other malware components, for example Trojan:Win32/Claretore.L, into the explorer.exe process.

To hide its presence on your PC, the loaded driver intercepts hard disk I/O (input/output) operations and returns the original clean copy whenever the VBR is accessed.
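Because reads of the VBR on the running system are answered with the clean copy, an integrity check has to compare that live view with the same sectors read while the installed OS is not running (for example from trusted boot media or a forensic image). The sketch below is an added example, not part of Microsoft's entry; it assumes 512-byte sectors, a classic MBR partition table and a 16-sector NTFS boot area, and its disk images are constructed test data.

```python
import struct

SECTOR = 512
VBR_SECTORS = 16  # assumption: NTFS boot area occupies the first 16 sectors of the volume

def active_partition_lba(mbr: bytes) -> int:
    """Return the starting LBA of the active partition from a classic MBR sector."""
    if len(mbr) < SECTOR or mbr[510:512] != b"\x55\xaa":
        raise ValueError("missing 0x55AA boot signature")
    for i in range(4):
        boot_flag = mbr[446 + 16 * i]
        lba_start = struct.unpack_from("<I", mbr, 446 + 16 * i + 8)[0]
        if boot_flag == 0x80 and lba_start:
            return lba_start
    raise ValueError("no active partition entry")

def read_vbr(image: bytes, lba: int) -> bytes:
    """Slice the VBR region out of a raw disk image."""
    vbr = image[lba * SECTOR:(lba + VBR_SECTORS) * SECTOR]
    if len(vbr) != VBR_SECTORS * SECTOR:
        raise ValueError("image ends before the VBR region does")
    return vbr

def differing_sectors(live_vbr: bytes, offline_vbr: bytes) -> list:
    """Sector offsets (within the VBR) where the live and offline views disagree."""
    return [n for n in range(VBR_SECTORS)
            if live_vbr[n * SECTOR:(n + 1) * SECTOR]
            != offline_vbr[n * SECTOR:(n + 1) * SECTOR]]

def build_sample_image(tampered: bool) -> bytes:
    """Constructed test image (not real disk data): MBR, gap, 16-sector VBR."""
    mbr = bytearray(SECTOR)
    mbr[446:462] = struct.pack("<B3sB3sII", 0x80, b"", 0x07, b"", 2048, 4096)
    mbr[510:512] = b"\x55\xaa"
    vbr = bytearray(VBR_SECTORS * SECTOR)
    vbr[3:11] = b"NTFS    "
    vbr[510:512] = b"\x55\xaa"
    if tampered:
        vbr[2 * SECTOR:3 * SECTOR] = b"\xcc" * SECTOR  # stand-in for modified boot code
    return bytes(mbr) + bytes(2047 * SECTOR) + bytes(vbr)

if __name__ == "__main__":
    live = build_sample_image(tampered=False)    # what an intercepted read would return
    offline = build_sample_image(tampered=True)  # same disk read from trusted media
    lba = active_partition_lba(offline[:SECTOR])
    print("VBR sectors that differ:",
          differing_sectors(read_vbr(live, lba), read_vbr(offline, lba)))
```

Any non-empty result means the running system is not showing the sectors that are actually on disk, which is the hiding behaviour described above.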

Symptoms

Alerts from your security software may be the only symptom.

Last update 03 January 2014

 
