Threat Information for "Win32.HLLM.Limar"
| Summary | Top |
- Name: Win32.HLLM.Limar
- Aliases:
- Date Discovered: 2007-01-17
- Protection Added: 2007-01-18
| Description | Top |
-- Ease of Removal 1: Creates new registry entries with consistent data 2: Consistent file contents 3: Consistently named 4: Uses running processes -- Privacy Risks/Security Changes 1: Mimics legitimate file names -- Damage/Intrusion/Annoyance 1: Significantly slows down the computer 2: Creates new files 3: Autoruns at startup without an option to be disabled 4: Downloads other threats -- Propagation/Saturation 1: Spreads to other computers on the same network 2: Infects through a blind IP address attack 3: Spreads through Peer-2-Peer software 4: Installed by other infections
| Technical Details | Top |
- Added Directory/File:
FilePath: %WINDIR%\serv.wax - Added Directory/File:
FilePath: %WINDIR%\serv.dll - Added Directory/File:
FilePath: %SYSTEMDIR%\iissmtxl.dll - Added Directory/File:
FilePath: %WINDIR%\serv.exe - Added Directory/File:
FilePath: %SYSTEMDIR%\e1.dll - Added Directory/File:
FilePath: %WINDIR%\serv.s - Added Directory/File:
FilePath: %SYSTEMDIR%\vdiealrs.exe - Added Directory/File:
FilePath: %SYSTEMDIR%\dmdlmsvf.dll - Added Registry Value:
Key: HKLM\%CURRENTVERSIONREG%\Run Value: serv
