SoftwareTipsandTricks.com
Home Forums Windows 7 Security Tips
Forums

Windows 7
Windows Vista
Windows XP

Security Tips
Troubleshooting
Keyboard Shortcuts
Encyclopedia


Drivers

Internet Terms
Computer Terms

File Extensions (75)
File Extensions (15K+)

Startup Applications
Necessary Files
Useless Files
At Your Option Files
Dangerous Files
Browser Objects

DLL Files
SYS Files
INF Files
OCX Files
VXD Files

Virus Database
Virus Warnings

Easter Eggs
Tips and Tricks
Articles
Hot Downloads


Privacy Policy
Contact Us







  winkrnl386.exe

Name winkrnl386.exe

Description

Also Known as TrojanProxy.Win32.Zebroxy [KAV]
Backdoor.Zebroxy is a Trojan that opens port 8173 and runs as a proxy server under Windows 2000/XP.

When Backdoor.Zebroxy is run, it does the following:

1. Adds the string value:
"Microsoft Windows Kernel Services"="%System%\winkrnl386.exe"
to the registry keys:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
and:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
so that the Trojan runs when you start Windows.

2. Modifies the string value:
"EnableDCOM"="N"
to the registry key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Ole
to diseble remote connections using DCOM

3. Opens TCP port 8173 and runs as a proxy server.

Following the instructions to remove this trojan:

1. Restart the computer in Safe mode.
2. Open your antiviral application and run a full system scan and delete all the files detected as Backdoor.Zebroxy.
3. Deleting the value from the registry:

a. Select the key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
and delete the value:
"Microsoft Windows Kernel Services"="%System%\winkrnl386.exe"

b. After that navigate to the key:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
and delete the value:
"Microsoft Windows Kernel Services"="%System%\winkrnl386.exe"

c. And go to the key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Ole
set the value for "EnableDCOM" to:
"EnableDCOM"="Y"


Still have a problem? Ask for help at our discussion forum.



Search Dangerous Files :
 

: : Recent posts at Forums : :

Latina Ass - Black momy boobsy# 2589221

Grown up galleries

Оптом - ВЕЧНАЯ

Big Blacks Grl!Old Fat puss !# 3609340

Sexual pictures

Gay blogging rite, Habitually photos

Mature galleries

Fat Puss Boobs!Blacks Girl photos!# 9215155

Big Blacks Grl!Old Fat puss !# 9701925

967bxwpn

My unfamiliar website

Unique domestic page as concoct

Grown up site

Mod Protrude

Open matured galleries

My unfamiliar website

wtff1u4z

Social pictures

prztyo Young Muslims add glam to their hijabs

Hardcore Gay photo blogging service

New home stage as project

My new website

Communal pictures

Mature galleries

ysyimtpd

9pgk23gf

Social pictures

My unfamiliar website

драйвер для п&

My new website




SoftwareTipsandTricks, All Rights Reserved.