it consultancy

W32 Esbot A malware

W32_Esbot_A details

  • Alias

    Backdoor.Win32.IRCBot.es [Kaspersky Lab]W32/IRCbot.gen [McAfee]W32/Sdbot-ACG [Sophos]BKDR_RBOT.BD [Trend Micro]Win32.Esbot.A, Win32.Esbot.B [Computer Associates]

  • Exe

    percentSystempercentmousebm.exe percentSystempercentmousemm.exe percentSystempercentmousesync.exe

  • Registry

    HKEY_LOCAL_MACHINESoftwareMicrosoftOLEReset the value: "EnableDCOM" = "N" HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlLsaReset the value: "restrictanonymous" = "1"