SecurityHome.eu Win32.Luix.A

Home / malware PDF

Win32.Luix.A

First posted on 21 November 2011.
Source: BitDefender
Aliases :
There are no other names known for Win32.Luix.A.
Explanation :
This is a somewhat harmless virus. It first makes a registry key in HK_LMSoftwareMicrosoftWindowsCurrentVersionRun named “svchost.exe“ witch contains the path to the calling file that enables him at startup. It also makes the following registry key HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoiciesSystemDisableTaskMgr that tryes to disable the task manager.

After these two steps, the process scans the local hard drive and for each file found (“*.uri”, “*.txt” , “*.uri”, “*.dll”, “*.exe”, etc...) it makes a copy of itself in the current directory named as the file found. Eventually, the local storage space will become insufficient and the system will come to a halt.
Last update 21 November 2011

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20