Blog Frog: W32.Zotob.D

Monday, September 05, 2005

W32.Zotob.D

Zotob D, W32.Zotob.D, is a memory-resident worm, which copies itself to the Windows System folder as Windrg32.exe, and uses the Microsoft Windows Plug and Play Buffer Overflow Vulnerability to spread across networks. Zotob creates a registry key to re-run itself on start-up, contains a backdoor, and can follow simple commands from remote users. Finally, Zotob attempts to delete other malware and spyware from the infected system and from its registry too.

<< Home

: Name: A. Ryan Robbins; Location: Calgary, Alberta, Canada

A. Ryan Robbins, the Blog Frog, runs ycopfiles.com. Why cop files dot com? It’s Anti-Virus Information Security articles for the Law Enforcement community! A. Ryan Robbins, who was born in Canada in 1972, is an avid fly fisherman, a writer, teacher, public speaker, reviewer, presenter, publisher, web site developer, and search engine optimizer. He has worked previously for two different Law Enforcement Agencies, and several different private security organizations performing many different private and personal security roles. He has three degrees in Criminology, including a split-minor in Law and Abnormal Psychology, and has been involved with computers and the Internet for many years. A. Ryan Robbins is also involved with Anti-Virus Information Security through ycopfiles.com.

View my complete profile

Blog Frog

Monday, September 05, 2005

W32.Zotob.D

About Me

Previous Posts