Windows 7 Forums

Windows 7: Zbot, the botnet in a box

13 Oct 2010   #1

Win 7 Ultimate 64-bit. SP1.
Zbot, the botnet in a box


This month, the MSRT team has added detection and removal for Zbot, one of the most widely known active botnets today. Although the malware itself is quite complex and varied, the technical acumen required to use and distribute it is actually quite low. Toolkits to create the malware are easily attainable and quite simple to use as the following screenshot shows.

Underground forums are teeming with questions ranging from the very basics about configuring the malware to people boasting about the size of their botnets. Even the botnet controllers are themselves quite varied, from apparent hobbyists to those that likely have more nefarious intent.

This family is quite prolific even if the intent behind some of the botnets is unclear. That said, we find ourselves knocking on Zbot’s door this month, and we’re glad we are. Zbot is the latest addition to MSRT’s ever-growing list of malware, and we hope to continue protecting the Windows ecosystem with this new family firmly in our sights.
Source -
MSRT on Zbot, the botnet in a box - Microsoft Malware Protection Center - Site Home - TechNet Blogs


13 Oct 2010   #2

Win 7 Ultimate 64-bit. SP1.


New ZeuS Variant Uses File Infector to Prolong its Life

Security researchers have confirmed their suspicion that a recently discovered file infector dubbed Licat serves to make ZeuS infections more persistent.

Licat has the characteristics of a traditional virus, as it adds malicious code to all EXE, DLL and HTML files detected on an infected system.

However, the new threat also features an update mechanism based on a URL-generation algorithm that is suspiciously similar to the one used by the Conficker worm.

Malware researchers from Trend Micro are now certain that Licat is dropped on computers by a new variant of the ZeuS trojan, which is delivered via infected websites.

Every time files infected by the virus are executed, the rogue code inside them generates URLs and attempts to contact them.

This method is used by attackers to serve new variants of Zbot (ZeuS Bot), which in turn drop new versions of Licat and the cycle repeats all over again.
More -
New ZeuS Variant Uses File Infector to Prolong its Life - Softpedia
13 Oct 2010   #3

Systems 1 and 2: Windows 7 Enterprise x64, Win 8 Developer

Jan, thanks for the info. I'll pass it on to our university IT listserv...

14 Oct 2010   #4

W7-Enterprise + WS-2008 (Converted to Workstation)

Hi!

Thanks for the info, JMH!
