PWS-Zbot.gen.cc
Posted: March 28, 2011
Threat Metric
The Threat Meter is a malware assessment that SpywareRemove.com's research team is able to
give every identifiable malware threat. Our Threat Meter includes several criteria based off of
specific malware threats to value their severity, reach and volume. The Threat Meter is able to give
you a numerical breakdown of each threat's initial Threat Level, Detection Count, Volume Count,
Trend Path and Percentage Impact. The overall ranking of each threat in the Threat Meter is a basic
breakdown of how all threats are ranked within our own extensive malware database. The scoring for
each specific malware threat can be easily compared to other emerging threats to draw a contrast in
its particular severity. The Threat Meter is a useful tool in the endeavor of seeking a solution to
remove a threat or pursue additional analytical research for all types of computer users.
The fields listed on the Threat Meter, each containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lie dormant and have a low volume count. Criteria for Volume Count are relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represents no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Threat Level: | 8/10 |
|---|---|
| Infected PCs: | 843 |
| First Seen: | November 30, 2010 |
| OS(es) Affected: | Windows |
PWS-Zbot.gen.cc is a trojan infection that is able to open up a backdoor to enable remote access to the targeted computer system. PWS-Zbot.gen.cc runs automatically every time Windows starts. PWS-Zbot.gen.cc shows many parasites to declare the condition of your computer. PWS-Zbot.gen.cc modifies Internet settings and the system registry to slow your system down and make it behave erratically.
Aliases
Generic27.BNIO [AVG], W32/Injector.PRI [Fortinet], Trojan-Ransom.Win32.Mbro [Ikarus], Dropper/Win32.Injector [AhnLab-V3], Trojan/Win32.Mbro.gen [Antiy-AVL], W32/VB-FWA [Sophos], Trojan.Packed.22445 [DrWeb], Trojan-Ransom.Win32.Mbro.dcw [Kaspersky], Trojan.Mbro-2 [ClamAV], Win32.Injector.Pri [eSafe], Win32:Rootkit-gen [Rtk] [Avast], Win32/MBRlock.D [NOD32], W32/Worm-FCF!0E0F3848F352 [McAfee], TrojanRansom.MBro.dcw [CAT-QuickHeal], SHeur3.CGGD [AVG]
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:
%SystemDrive%\Documents and Settings\tcsuser\Application Data\uwpwlmeitke.exe
File name: uwpwlmeitke.exe
Size: 138.75 KB (138752 bytes)
MD5: 87cc0a0b77a8d837a2a70c20f3bbcc7d
Detection count: 225
File type: Executable File
Mime Type: unknown/exe
Path: %SystemDrive%\Documents and Settings\tcsuser\Application Data
Group: Malware file
Last Updated: November 20, 2012
%APPDATA%\A0BAA5.exe
File name: A0BAA5.exe
Size: 40.48 KB (40487 bytes)
MD5: 8b07fe8f533ab8e02daa3eaae6612e1c
Detection count: 105
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%
Group: Malware file
Last Updated: July 23, 2012
%APPDATA%\Dropbox\{0BE1D130-7872-4227-AD6D-D9DCC92A61E5}\UpgradeHelper.exe
File name: UpgradeHelper.exe
Size: 262.14 KB (262144 bytes)
MD5: ad1a6b291341f57a121783a319a3404d
Detection count: 95
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\Dropbox\{0BE1D130-7872-4227-AD6D-D9DCC92A61E5}
Group: Malware file
Last Updated: November 12, 2012
%APPDATA%\83ALuOH.exe
File name: 83ALuOH.exe
Size: 232.44 KB (232448 bytes)
MD5: 40f55b80aa1b8900197904e4494fec4e
Detection count: 80
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%
Group: Malware file
Last Updated: December 17, 2012
%SystemDrive%\Documents and Settings\Shruthi\Start Menu\Programs\Startup\gyokq.exe
File name: gyokq.exe
Size: 117.24 KB (117248 bytes)
MD5: 1ac6598d68f7f7c50f9589132c5bb9f0
Detection count: 65
File type: Executable File
Mime Type: unknown/exe
Path: %SystemDrive%\Documents and Settings\Shruthi\Start Menu\Programs\Startup
Group: Malware file
Last Updated: January 17, 2012
file.exe
File name: file.exe
Size: 1.08 MB (1089310 bytes)
MD5: 1b116181b38b3b414da02f09ea142e9e
Detection count: 65
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: November 17, 2016
%APPDATA%\skype.dat
File name: skype.dat
Size: 65.02 KB (65024 bytes)
MD5: 06956b0f41300d476fb83fc63e64bc97
Detection count: 52
File type: Data file
Mime Type: unknown/dat
Path: %APPDATA%
Group: Malware file
Last Updated: December 20, 2012
%SystemDrive%\Users\<username>\Start Menu\Programs\Startup\yrahiw.exe
File name: yrahiw.exe
Size: 118.27 KB (118272 bytes)
MD5: f47751d13cf32bd1f6d8e6834fdc0865
Detection count: 50
File type: Executable File
Mime Type: unknown/exe
Path: %SystemDrive%\Users\<username>\Start Menu\Programs\Startup
Group: Malware file
Last Updated: February 8, 2012
%SystemDrive%\Documents and Settings\Bob\Start Menu\Programs\Startup\pevoco.exe
File name: pevoco.exe
Size: 196.09 KB (196096 bytes)
MD5: 8df0c89648bd8eb80c82c63bd9bffcb6
Detection count: 30
File type: Executable File
Mime Type: unknown/exe
Path: %SystemDrive%\Documents and Settings\Bob\Start Menu\Programs\Startup
Group: Malware file
Last Updated: January 16, 2012
%APPDATA%\Fudax\kagyn.exe
File name: kagyn.exe
Size: 137.21 KB (137216 bytes)
MD5: d7a2a72bbae0760f4772bffc3ed116d4
Detection count: 30
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\Fudax
Group: Malware file
Last Updated: August 21, 2012
%APPDATA%\x1lalz1kdane1gqbixjcwuzzgvyplqbe2\svcnost.exe
File name: svcnost.exe
Size: 115.71 KB (115712 bytes)
MD5: ba9066bb27344c4a74a67f51fc51e258
Detection count: 22
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\x1lalz1kdane1gqbixjcwuzzgvyplqbe2
Group: Malware file
Last Updated: January 30, 2012
%SystemDrive%\Documents and Settings\Guest\Start Menu\Programs\Startup\xauras.exe
File name: xauras.exe
Size: 158.2 KB (158208 bytes)
MD5: e6bda8657f7e1e16755c8037b8620ee2
Detection count: 14
File type: Executable File
Mime Type: unknown/exe
Path: %SystemDrive%\Documents and Settings\Guest\Start Menu\Programs\Startup
Group: Malware file
Last Updated: January 30, 2012
%SystemDrive%\Users\<username>\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ahwuo.exe
File name: ahwuo.exe
Size: 192 KB (192001 bytes)
MD5: a8b9ddd0d17f35fe5d4c35a89ded2798
Detection count: 14
File type: Executable File
Mime Type: unknown/exe
Path: %SystemDrive%\Users\<username>\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Group: Malware file
Last Updated: December 3, 2012
%SystemDrive%\Users\<username>\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\zeruq.exe
File name: zeruq.exe
Size: 299.27 KB (299272 bytes)
MD5: 81227ea07cd172180698580b41c4e109
Detection count: 14
File type: Executable File
Mime Type: unknown/exe
Path: %SystemDrive%\Users\<username>\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Group: Malware file
Last Updated: February 6, 2013
%SystemDrive%\Documents and Settings\Administrator\Start Menu\Programs\Startup\oqaq.exe
File name: oqaq.exe
Size: 142.33 KB (142336 bytes)
MD5: 12dfa07d9d0d5de46d4681cb0ccee952
Detection count: 12
File type: Executable File
Mime Type: unknown/exe
Path: %SystemDrive%\Documents and Settings\Administrator\Start Menu\Programs\Startup
Group: Malware file
Last Updated: September 10, 2012
%SystemDrive%\Users\<username>\Start Menu\Programs\Startup\mesoa.exe
File name: mesoa.exe
Size: 117.24 KB (117248 bytes)
MD5: c631b06107131e1891cf64bcee0f8fc0
Detection count: 9
File type: Executable File
Mime Type: unknown/exe
Path: %SystemDrive%\Users\<username>\Start Menu\Programs\Startup
Group: Malware file
Last Updated: January 17, 2012
%APPDATA%\Qyih\ikaf.exe
File name: ikaf.exe
Size: 219.49 KB (219495 bytes)
MD5: 42fdfd374f3b6ac6c9621325c5d370bd
Detection count: 7
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\Qyih
Group: Malware file
Last Updated: August 31, 2012
%SystemDrive%\Documents and Settings\Administrator\Start Menu\Programs\Startup\ekeww.exe
File name: ekeww.exe
Size: 118.27 KB (118272 bytes)
MD5: 2a2580e77edf6d1a80e49934bb0e1914
Detection count: 6
File type: Executable File
Mime Type: unknown/exe
Path: %SystemDrive%\Documents and Settings\Administrator\Start Menu\Programs\Startup
Group: Malware file
Last Updated: January 2, 2012
%SystemDrive%\Users\<username>\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ytze.exe
File name: ytze.exe
Size: 292.35 KB (292352 bytes)
MD5: 490763428fd9abf379638aae5bccfc41
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %SystemDrive%\Users\<username>\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Group: Malware file
Last Updated: October 22, 2012
%APPDATA%\RnvbG UFnBTbmzQ\eHRFhkpXr.exe
File name: eHRFhkpXr.exe
Size: 872.96 KB (872960 bytes)
MD5: 49509701af157a56409774224d99f790
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\RnvbG UFnBTbmzQ
Group: Malware file
Last Updated: January 14, 2013
%APPDATA%\366F95\366F95.exe
File name: 366F95.exe
Size: 110.59 KB (110592 bytes)
MD5: 1bfef062e53f54d5beb4413ddcc683b0
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\366F95
Group: Malware file
Last Updated: March 21, 2013
%ALLUSERSPROFILE%\Local Settings\Temp\msrerkua.scr
File name: msrerkua.scr
Size: 40.44 KB (40448 bytes)
MD5: 95b992ee6f22221c0d9fa482d050b916
Detection count: 5
Mime Type: unknown/scr
Path: %ALLUSERSPROFILE%\Local Settings\Temp
Group: Malware file
Last Updated: March 12, 2013
%WINDIR%\Roamer\svd.exe
File name: svd.exe
Size: 148.48 KB (148480 bytes)
MD5: 6f022949743f2ea44116cebfdb9ff232
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%\Roamer
Group: Malware file
Last Updated: April 16, 2013