Home Malware Programs Worms WORM_ZIMUS.A

WORM_ZIMUS.A

Posted: January 29, 2010

WORM_ZIMUS.A may be downloaded unknowingly by a user when visiting malicious Web sites. It arrives via removable drives. WORM_ZIMUS.A creates folders, drops copies of itself and files/components. WORM_ZIMUS.A registers itself as a system service to ensure its automatic execution at every system startup by creating registry keys/entries. As a result, programs and applications may not run properly. Delete WORM_ZIMUS.A before it creates chaos on your system.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 %Program Files%\Dump
    2 %System%\tokset.dll

Registry Modifications

  • The following newly produced Registry Values are:
    HKEY..\..\..\..{Subkeys}HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\HKEY..\..\..\..{RegistryKeys}Dump = "%Program Files%\Dump\Dump.exe"Windows\CurrentVersion\Run
Loading...