PWS:Win32/Zbot.gen!AJ
PWS:Win32/Zbot.gen!AJ Description
PWS:Win32/Zbot.gen!AJ is a password-stealing Trojan that also opens a back door on the compromised PC and, thus, allows attackers to gain remote access and control over the affected computer. PWS:Win32/Zbot.gen!AJ can reduce the hijacked web browser’s security, steal computer data and a victim’s personal information such as online banking information, network credentials and browsing history. PWS:Win32/Zbot.gen!AJ is usually spread via spam emails or through hijacked websites. PWS:Win32/Zbot.gen!AJ uses a configuration file to determine the websites that it will steal from when you visit them. PWS:Win32/Zbot.gen!AJ also logs keystrokes and takes screenshots of the corrupted PC. PWS:Win32/Zbot.gen!AJ sends collected data to a predefined FTP or email server, indicated in the configuration file.
PWS:Win32/Zbot.gen!AJ Automatic Detection Tool (Recommended)
Is your PC infected with PWS:Win32/Zbot.gen!AJ? To safely & quickly detect PWS:Win32/Zbot.gen!AJ, we highly recommend you run the malware scanner listed below.
Download SpyHunter's* Malware Scanner to detect PWS:Win32/Zbot.gen!AJ
What happens if PWS:Win32/Zbot.gen!AJ does not let you open SpyHunter or blocks the Internet?
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read
the tutorials on how to find malware,
kill unwanted processes,
remove malicious DLLs and
delete other harmful files. Always be
sure to back up your PC before making any changes.
- The following files were created in the system:
# File Name 1 %APPDATA%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].exe 2 C:\Documents and Settings\Administrator\Application Data\iciz\uxqug.exe
Registry Modifications
Tutorial: To edit and delete registry entries manually, read the tutorial on
how to remove malicious registry entries.
Tip & Warning: Editing and removing the wrong registry keys can severely damage your PC, so remember to backup your Windows Registry! To optimize your Windows Registry and speed up your PC, download RegHunter's registry cleaner.
Tip & Warning: Editing and removing the wrong registry keys can severely damage your PC, so remember to backup your Windows Registry! To optimize your Windows Registry and speed up your PC, download RegHunter's registry cleaner.
- The following newly produced Registry Values are:
HKEY..\..\{Value}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 = "1609" = "0"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 = "1406" = "0"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 = "1609" = "0"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 = "1406" = "0"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 = "1406" = "0"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}HKEY_CURRENT_USER\Software\Microsoft\Windows\Currentversion\Run "C:\Documents and Settings\Administrator\Application Data\iciz\uxqug.exe"
Posted: September 13, 2012 | By SpywareRemove
MoreThreat Level: 8/10
(No Ratings Yet)
Loading ...Rate this article:
Detection Count: 70
