W32/LegMir-Z

Category: Viruses and Spyware
Type: Win32 executable file virus
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

W32/LegMir-Z is a network worm and prepending virus with downloading capability.

The virus infects files with the extension EXE in logical drives C: to Z: (some of which may be network shares.) W32/LegMir-Z is a network worm and prepending virus with downloading capability.

The virus infects files with the extension EXE in logical drives C: to Z: (some of which may be network shares.)

W32/LegMir-Z drops a DLL file named virDll.dll into the folder it was executed from and loads an instance of the file into memory. The DLL will download and execute a file from the internet.

W32/LegMir-Z creates the following registry entry:

HKLM\SOFTWARE\Soft\DownloadWWW\

W32/LegMir-Z will also attempt to terminate various anti-virus and security related processes and may modify the hosts file so as to redirect common web pages to a particular address.

download Try Sophos products for free
Download now

© 1997 - 2012 Sophos Ltd. All rights reserved. Legal Privacy