Know Your Malware: Loxbot.b Removal

Loxbot.b is a dangerous Internet worm, which propagates through unprotected network shares with weak passwords and uses AOL Instant Messenger to spread through messages containing malicious links that silently download and install the parasite. Once executed, Loxbot.b runs its payload and spreading routine. The worm activates an integrated backdoor controlled through the IRC network, which gives the attacker unauthorized remote access to a compromised computer. It allows the intruder to download and execute arbitrary files, steal user passwords, scan the local network, launch a Denial of Service attack, update the worm and perform other dangerous actions. Loxbot.b automatically runs on every Windows startup.

Related files: express.exe

Loxbot.b properties:
Allows remote user connection
Connects itself to the internet
Hides from the user
Stays resident in background Remove Loxbot.b, removal instructions

Linked by shanmuga Tuesday, 1st November 2005 7:56AM