Win32.Kbot
Win32.Kbot is a backdoor RAT (Remote Administration Tool) and when it has invaded your system and launched, the backdoor component will inject itself into the “svchost.exe” process. This will open the backdoor for the hacker or any other additional malware to enter through.
It will then carry out DDoS attacks on the system. This will include: SYN Flood, ICMP Flood and UDP Flood attacks.
AKA:
Trojan.Crypt.ZPACK.Gen,
Generic!Artemis
BKDR_KBOT.CI
Trojan.Fakealert.FB
Backdoor/Win32.Kbot.gen
Win32.VirToolObfusca
TR/Crypt.ZPACK.Gen
Backdoor.Kbot.ks
Backdoor.Kbot.IZ
Cryp_Naix-5
Related Files:
%System%mssrv32.exe
Category:
Backdoor
RAT
Recommended Action:
Remove at once.
Remove Win32.Kbot manually by using Task Manager to identify and extricate the processes, files, folders and registry values and keys related to the program. This is a labor intensive process that requires a sound knowledge of computer programming. If you do not fit this profile then perhaps an automatic system is a safer choice.
SpyZooka offers automatic and speedy removal of all existing spyware from your PC and, in addition, protection from additional attacks. SpyZooka can keep you secure from spyware by running regular scans to identify and remove imminent threats to your system. SpyZooka also offers an unbeatable guarantee of 100% spyware removal or your money back.
SpyZooka works as advertised. It found Win32.Kbot. It removed that and some tracking cookies. Thanks!