W32.Lile.A
Aliases: W32/Lile-A
Variants: N/A
Classification: Malware
Category: Computer Worm
Status: Active & Spreading
Spreading: Slow
Geographical info: North America
Removal: Easy
Platform: W32
Discovered: 30 Sep 2005
Damage: Medium
Characteristics: W32.Lile.A is a file infector worm. It may spread by copying itself into local folders and mapped network drives. It infects files inside peer-to-peer transfer folders and through Instant Messaging programs. The worm may download and execute remote files and tries to perform a Denial of Service (DoS) attack against a specific website.
W32.Lile.A Removal Tool
If you have Malware on your computer it will cause annoyances and will damage your system. You should either:
A. Manually remove the infected files from your computer, or
B. Automatically scan your system using trusted software
A. Manually remove the infected files from your computer, or
B. Automatically scan your system using trusted software
RECOMMENDED:
We recommend that you scan your system for malware. Our partner has a computer worm removal tool to automatically clean W32.Lile.A from your computer.
More details about W32.Lile.A
When W32.Lile.A is executed, it creates files in the System Drive and periodically checks for their presence as an infection marker. It creates the mutex “Leliel_GEDZAC_LABS” so that only one copy of the threat will run on the infected computer. It creates a file named C:\l.reg, runs the Windows registry utility, and modifies the registry to make sure it runs when the user opens .exe and .reg files. The worm also attempts to disable the Windows Firewall, Windows File Protection (SFC) security feature, and the System Restore security feature. It infects .exe files by prepending its code and copying the original file at the end. It attempts to end any running processes which are mostly security related. It attempts to spread to randomly selected drives, except the C drive.The worm spreads on peer-to-peer networks by searching and infecting executable files located in the system. It attempts to obtain full access to the mapped network folders. It even opens a backdoor using the mIRC client on standard IRC ports. It connects to a predetermined IRC channel and waits for commands from the remote attacker. The W32.Lile.A program has several modes of installation. The unwary user may install the dialer program manually. It may come as a bundled component of other program such as a freeware and shareware program. The application can also exploits security flaws and vulnerabilities found in the system. The computer may also obtain the W32.Lile.A program by accessing pornographic sites and clicking unreliable links. The W32.Lile.A program works on computer with Windows platform. The application may run on Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT and Windows XP operating system.
Browse for more malware information
- W32.Lile.A
- W32.Lindo
- W32.Linkbot.A
- W32.Linkfars
- W32.Litar.Worm
- W32.Lofni.Worm
- W32.Logitall.A@mm
- W32.Lohack.C.Worm
- W32.Longbe@mm
- W32.Looked
- W32.Looksky.A@mm
- W32.Lorac
- W32.Losabel
- W32.Lovena.A@mm
- W32.Lovgate.AB@mm
- W32.Loxbot.A
- W32.Lunalight@mm
- W32.Mabezat.A
- W32.Madag.A
- W32.Madangel
- W32.Maddis.B
- W32.Mafeg
- W32.Magflag.A@mm
- W32.Mailbancos@mm
- W32.Maldal.C@mm
- W32.Mancsyn
- W32.Mandaph
- W32.Maniccum
- W32.Mant.Worm
- W32.Mapson.C.Worm
Contact Us
|
Privacy Policy
|
Site Map
Copyright © Uniblue Systems Limited 2007. All rights reserved.