Cleevix (computer virus)

Cleevix (computer virus)
Cleevix
Common name Cleevix
Technical name W32/Cleevix
Family Cleevix
Classification Virus
Type Windows
Subtype Windows file infector
Isolation January 2006
Point of isolation Unknown
Point of Origin Malaysia
Author(s) Iclee_vx

Cleevix is an unremarkable direct action Windows file infector virus. The earliest isolation date is currently January 2, 2006. Because of the message box displayed whenever Cleevix infects a file, it is easily noticed, and unlikely to spread in the field. Beyond having variable encryption features (which change after each generation), it is a very simple virus.

Contents

Infection

When a file infected by Cleevix is executed, it will search the following directories and infect all Portable Executable .exe files in them:

  • The Windows directory
  • The System directory
  • The current directory

Infected files will have Cleevix's encrypted virus code appended to them. After this, Cleevix displays a message box (see symptoms).

Symptoms

Files infected by Cleevix will increase by 3,106 bytes. In addition, a message box will be displayed after the virus performs its infection routine. The message box is entitled "F-13 Labs" and contains the message "Author:1[REMOVED]e_vx". The author's name has been intentionally removed in all available descriptions.

Prevalence

The spread of file infectors is generally slow. As such, it is often several months before they are spotted in the field. Because of this, it is impossible (as of January 2006) to get very accurate statistics on the spread of Cleevix. However, the message box payload means that this virus is easily discovered and is unlikely to become common.

External links


Wikimedia Foundation. 2010.

Игры ⚽ Нужен реферат?

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”