Home Forums Windows 7 Security Tips

Windows 7
Windows Vista
Windows XP

Security Tips
Keyboard Shortcuts


Internet Terms
Computer Terms

File Extensions (75)
File Extensions (15K+)

Startup Applications
Necessary Files
Useless Files
At Your Option Files
Dangerous Files
Browser Objects

DLL Files
SYS Files
INF Files
OCX Files
VXD Files

Virus Database
Virus Warnings

Easter Eggs
Tips and Tricks
Hot Downloads

Privacy Policy
Contact Us


Name msrege.exe


Backdoor.Zinx is a backdoor Trojan Horse that allows a hacker to use your compter as proxy and steals information.
By default it opens ports 14728 and 24759.
The Trojan is launched using an .html file that contains malicious Visual Basic Script (VBS) code.

When the .html file is opened, it does following:
Drops the q.vbs file and executes it. The file does the following:
Drops x.exe and executes it, which terminates security programs.
Downloads q.exe from a predetermined Web site and executes it.

Drops and executes the following files:

Downloads configuration information from predetermined Web sites, and then runs svchostc.exe and svchosts.exe with these configurations.
Connects to a predetermined SMTP server and sends email message to a certain email address.

The message contains following information:
- Operating system version
- Registered user name
- Organization name
- AIM user accounts
- ICQ accounts
- Trillian accounts
- Ghisler Windows Commander and Total Commander information
- SMTP and POP email accounts and passwords

Automatical remove:
Use antivirus (also check How To Remove section)Startup Opimizer.
And navigate to the %System% folder and delete the svchosts.exe and svchostc.exe files.

Still have a problem? Ask for help at our discussion forum.

Search Dangerous Files :

: : Recent posts at Forums : :

Fatal error: Incompatible file format: The encoded file has format major ID 1, whereas the Loader expects 7 in /home/software/public_html/forum/includes/functions_vbseo.php on line 0