









W32/Zotob.D Worm

| Field | Details |
|---|---|
| Name | W32/Zotob.D Worm |
| Aliases | WORM_ZOTOB.D, W32.Zotob.D |
| Discovered on | 16th August, 2005 |

Virus Information - W32/Zotob.D Worm:
W32/Zotob.D is a worm and a variant of W32/Zotob.A. It infects Windows systems and spreads through networks.
This worm exploits the Plug and Play (PnP) vulnerability in Windows described in Microsoft Security Bulletin MS05-039.
Upon execution, the worm copies itself as windrg32.exe to the Windows System\wbev folder.
It modifies the Windows registry at the following location so that it loads at the next startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
This worm checks for Internet connectivity by connecting to websites from a pre-configured list.
It also tries to terminate some processes running on the infected system.
This worm generates random IP addresses to exploit the PnP vulnerability. If the port is open on any of the generated IP addresses, it attempts to exploit that system.
Microsoft has released the patch for the MS05-039 vulnerability. It can be downloaded from the following link:
http://www.microsoft.com/technet/security/bulletin/MS05-039.mspx
Users should download and apply the patches from the link provided above to remove the vulnerabilities in the system.
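
A triage check built from the two host indicators described above (the windrg32.exe copy in the System\wbev folder and the Run key entry), as an added example that is not part of the original advisory. It parses the text output of `reg query` for the Run key and grades each entry; the sample output and its value names are constructed, because the advisory does not state the registry value name the worm uses.

```python
import re

# Indicators from the advisory: file name windrg32.exe, folder System\wbev.
FULL_PATH = re.compile(r"\\wbev\\windrg32\.exe(\s|$)")
NAME_ONLY = re.compile(r"(^|\\)windrg32\.exe(\s|$)")
# One value line of `reg query` output: indented name, type, data.
VALUE_LINE = re.compile(r"^\s+(?P<name>.+?)\s+(?P<type>REG_[A-Z_]+)\s+(?P<data>.*)$")

# Constructed sample of `reg query` output (value names are illustrative).
SAMPLE = r"""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    ctfmon    REG_SZ    C:\WINDOWS\system32\ctfmon.exe
    ExampleValue    REG_SZ    C:\WINDOWS\system32\wbev\windrg32.exe
    Updater Tool    REG_SZ    "C:\Program Files\Example\windrg32.exe" /background
"""


def parse_run_values(reg_output):
    """Return (name, data) pairs for every value line in the output."""
    values = []
    for line in reg_output.splitlines():
        m = VALUE_LINE.match(line)
        if m:
            values.append((m.group("name"), m.group("data").strip()))
    return values


def classify(data):
    """Grade one Run entry's command line against the indicators."""
    # Drop quotes, unify separators and case before matching.
    cmd = data.replace('"', "").replace("/", "\\").lower()
    if FULL_PATH.search(cmd):
        return "match"        # file name and folder both as described
    if NAME_ONLY.search(cmd):
        return "name-only"    # same file name in another location: review
    return None


def scan(reg_output):
    """Return (verdict, value name, data) for each flagged Run entry."""
    return [(classify(d), n, d) for n, d in parse_run_values(reg_output)
            if classify(d)]


if __name__ == "__main__":
    for verdict, name, data in scan(SAMPLE):
        print(f"{verdict:10} {name}: {data}")
```

On a live host the input can be produced with `reg query HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run` and saved to a file for scanning.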
