WORM_ZIMUS.B
WORM_ZIMUS.B is a variation of WORM_ZIMUS.A and may be downloaded unknowingly by a user when visiting malicious Web sites. It arrives via removable drives. WORM_ZIMUS.B creates folders, drops copies of itself and files/components. WORM_ZIMUS.B registers itself as a system service to ensure its automatic execution at every system startup by creating registry keys/entries. As a result, programs and applications may not run properly. Delete WORM_ZIMUS.B before it creates chaos on your system.
File System Modifications
- The following files were created in the system:
# File Name 1 %Program Files%\Dump 2 %Program Files%\Dump\Dump.exe 3 %System Root%\IQTEST 4 %System Root%\IQTEST\Iqtest.exe 5 %System Root%\IQTEST\Readme.txt 6 %System%\ainf.inf 7 %System%\drivers\Mseu.sys - also detected as WORM_ZIMUS.B 8 %System%\drivers\Mstart.sys - also detected as WORM_ZIMUS.B 9 %System%\mseus.exe - also detected as WORM_ZIMUS.B 10 %System%\tokset.dll
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\HKEY..\..\..\..{RegistryKeys}Dump = "%Program Files%\Dump\Dump.exe"Windows\CurrentVersion\Run
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.