Trojan.Zlob.2.Gen
( Trojan.Popuper, Trojan.Zlob, Win32/TrojanDownloader.Zlob, MalwareScope.Downloader.Zlob.1 )
|
Spreading:
|
medium
|
|
|
Damage:
|
low
|
|
Size:
|
2K up to 100K
|
|
Discovered:
|
2006 Apr 14
|
SYMPTOMS:
Symptoms related to this malware may include:
- Abnormal internet activity
- Internet Explorer's start page has changed
- Changes in the Hosts file (%system%\drivers\etc\hosts)
TECHNICAL DESCRIPTION:
Trojan.Zlob.2.Gen is a generic detection for many variants of this popular polymorphic malware.
When this malicious software is executed it usualy performs the following actions:
- Creates copies of itself in the %system% folder
- Adds one or more entries in the registry allowing it to run at system start up
- Injects its code into other processes (explorer.exe, winlogon.exe, svchost.exe, spoolsv.exe etc.)
- Reconfigures the Internet Explorer's start page
- Connects to remote addresses in order to report its status and other informations
- Downloads and executes unwanted files
Removal instructions:
Please let BitDefender disinfect your files.
ANALYZED BY:
Marius Vanta, virus researcher
