Trojan.Disabler.N
VERY LOW
VERY LOW
6144
(Trojan.Win32.Disabler.ar, Trj/Flashy.B, Tr/Disabler.AR)
Symptoms
- Unexpected disabling of Windows Update and FireWall services, due to the fact that the Trojan drops and executes a specially crafted batch file that attempts to modify the Windows Regisrty associated with the Windows Update and Firewall services.
Removal instructions:
Please let BitDefender disinfect your files.
Analyzed By
Suiu Andrei, virus researcher
Technical Description:
- The Trojan disables the Windows Firewall and Update services. More specifically, the dropped batch file adds two Registry keys in the Windows Update section of the Registry. Upon successfully completing the task, the batch script automatically removes itself from the system.
SHARE
THIS ON