HOME / CONTACT
 
  Home > Malware Cyclopedia > Malware Info.
 Malware Info.
FAQ
Download

 Trojan@W32.FraudPa...
 Trojan@W32.Obfusca...
 Trojan@W32.Zbot.34
 Virus@W32.Sality
 Trojan@W32.Zbot.26
Malware Info. Malware Cyclopedia
Trojan@W32.Zbot.26
Zbot.26 will close the Windows and download Malicious files.

Zbot.26 will close the Windows firewall. It connects the random IP Addresses to download malicious files automatically. Makes the speed of the computer slow down.
Aliases : Trojan-Spy.Win32.Zbot.aayu [Kaspersky Lab]
Type : Trojan
Date Discovered : 2009/12/14
System Affected : Windows 95/98/ME, Windows NT/2000/XP/2003/Vista
 Risk Assessment
Distribution : Medium
Damage : Medium
 Character

None

  Description

Note:Win95/98/me default %windir% is C:\windows
   WinNT/2000/XP/2003 default %windir% is C:\Winnt
   1.Close the Windows firewall
   2.Download malicious files
   3.Makes the speed of the computer slow down.

  ●After executing virus, it will create following files to %Windir% folder:
   \twex.exe

  ●Add following value to the registry. The virus will run while Windows starting.
   HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\
   CurrentVersion\Winlogon\Userinit="C:\WINDOWS\system32\userinit.exe,"
   HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\
   CurrentVersion\Winlogon\Userinit="C:\WINDOWS\system32\userinit.exe,
   C:\WINDOWS\system32\twex.exe,"
 solution None
<Back
Copyright ©2009 SumWinTek Corp., Powered by GGreat.
Tel:886-3-5820616 Fax:886-3-5820617 E-mail: support@sumwintek.com 		  
Visitor:136453