Win32.Kbot

Win32.Kbot is a backdoor RAT (Remote Administration Tool) and when it has invaded your system and launched, the backdoor component will inject itself into the “svchost.exe” process.  This will open the backdoor for the hacker or any other additional malware to enter through.

It will then carry out DDoS attacks on the system.  This will include: SYN Flood, ICMP Flood and UDP Flood attacks.

AKA:
Trojan.Crypt.ZPACK.Gen,
Generic!Artemis
BKDR_KBOT.CI
Trojan.Fakealert.FB
Backdoor/Win32.Kbot.gen
Win32.VirToolObfusca
TR/Crypt.ZPACK.Gen
Backdoor.Kbot.ks
Backdoor.Kbot.IZ
Cryp_Naix-5

Related Files:
%System%mssrv32.exe

Category:
Backdoor
RAT

Recommended Action:
Remove at once.

Remove Win32.Kbot manually by using Task Manager to identify and extricate the processes, files, folders and registry values and keys related to the program.  This is a labor intensive process that requires a sound knowledge of computer programming.  If you do not fit this profile then perhaps an automatic system is a safer choice.

ZookaWare PC Cleaner offers automatic and speedy removal of all existing spyware from your PC and, in addition, protection from additional attacks.  ZookaWare PC Cleaner can keep you secure from spyware by running regular scans to identify and remove imminent threats to your system.  ZookaWare PC Cleaner also offers an unbeatable guarantee of 100% spyware removal or your money back.

Download Free Scan
ZookaWare runs on Windows Vista, 7, 8 and 10. It has no ads, popups or bundled software and fully uninstalls by clicking Start > All Programs > select ZookaWare and click Uninstall.

One Response

  1. Fergie says:

    SpyZooka works as advertised. It found Win32.Kbot. It removed that and some tracking cookies. Thanks!

Leave a Reply

Your email address will not be published. Required fields are marked *

css.php