L0rdix

What is L0rdix?

If you encounter L0rdix, you can forget about privacy since the malicious application can gather various information and even take screenshots of what you are doing with your computer. Sadly, there is more as the Trojan is capable of other things that we will discuss further in this article. What we ought to stress right away is that the malware might be sold on the dark web. Meaning hackers who purchase it might be able to personalize the threat and distribute it in ways they prefer. As a result, erasing L0rdix manually could be tricky, and we cannot know for sure how users could encounter it. Nonetheless, we provide manual deletion steps that should work for those who infect their computers with the same version of the Trojan that we researched. Also, in the article, we discuss the possible distribution channels and other relevant details about the malicious program, so if you wish to know more, we encourage you to continue reading.

Where does L0rdix come from?

Most Trojans and threats alike are distributed via torrent and other P2P file-sharing web pages, pop-up advertisements, and Spam emails. Thus, our researchers at Anti-spyware-101.com advise not to interact with such sites or content if you do not want to put your system at risk by encountering threats like L0rdix unknowingly. The smartest thing to do if you cannot avoid interaction with doubtful files is to scan them with a legitimate antimalware tool that could identify whether they are malicious or not. If you have not acquired such a tool yet, we advise you to consider installing it. A trustworthy antimalware tool can both help you identify infected files and warn you about various threats.

How does L0rdix work?

The Trojan can detect if a researcher is using the computer by looking for processes of programs they normally use. Afterward, the malicious application should gather information about the victim’s computer, for example, username, operating system, hardware information, antivirus tool, and so on. If a regular user is using the machine, the hackers behind the malware may start executing various commands. For instance, to attack the user’s browser to steal cookie information, login credentials, etc. All of the stolen information gets placed into a zip archive that L0rdix should send to the hackers’ server.

Furthermore, L0rdix can execute other commands as well, such as to perform DDoS attacks or mine cryptocurrencies. In other words, the cybercriminals can use your computer to generate money for themselves or initiate attacks on various websites. Such activities could require a lot of computer’s resources, and so it is possible the user could notice some change in his device’s performance. If you suspect your machine might have been infected with this Trojan, we recommend removing it at once. Needless to say, if it stayed long enough to steal your passwords or other sensitive data, you should take actions to prevent hackers from misusing it, for example, you could change the possibly compromised passwords, although you should make sure the threat is eliminated first.

How to get rid of L0rdix?

As you can see in the instructions placed below this paragraph, L0rdix can be erased manually if the user kills the malware’s processes and deletes the files it ought to create. The problem is a different version could have different processes or create files in different locations. Therefore, it might be difficult to find data belonging to the malicious application on your own. In such a case, we highly recommend leaving this task to a legitimate antimalware tool. All you have to do is install on the infected system, do a full scan with it, and then eliminate the Trojan along with other possible threats by pressing the provided removal button.

Remove L0rdix from the system

1. Click Ctrl+Alt+Delete.
2. Select Task Manager.
3. Look for processes belonging to the malicious application; they could be named syscall.exe, srcc.exe, and audiohq.exe.
4. Select the Trojan’s processes and click End Task to stop them.
5. Leave Task Manager.
6. Press Windows key+E to open File Explorer.
7. Go to these paths:
   %ALLUSERSPROFILE%
   %APPDATA%\Microsoft\Network
   %APPDATA%\Microsoft\Windows
8. Look for executable files created by the malware; they could be named syscall.exe, srcc.exe, and audiohq.exe.
9. Right-click malicious executable files and click Delete to erase them.
10. Find these paths:
    C:\Windows\Tasks
    C:\Windows\System32\Tasks
11. Search for tasks related to the Trojan, right-click them and press Delete.
12. Exit File Explorer.
13. Restart your computer. Download Removal Tool100% FREE spyware scan and
    tested removal of L0rdix*

Stop these L0rdix Processes: