The new Zeus Trojan Pandemiya-How it works How it comes and how to remove it ~ SAMPATKUMARI'S Blog "PARISHKAR"

The new Zeus Trojan Pandemiya-How it works How it comes and how to remove it

The new commercial Trojan Pandemiya was developed as an alternative to the notorious Zeus Trojan. Its main purpose is to collect sensitive data, stealing confidential files and login details from the victim. Fake web pages like lotteries, surveys, etc. are injected into the user's web browser to gather more victims. The Trojan Pandemiya is capable of taking snapshots of the infected PC's screen and transmitting them to a remote server. The Trojan Pandemiya is not yet a widespread Trojan. This may be due to the high cost (around 2000% per copy) charged by the cyber criminals who developed it, but that may change in the near future.
 It is very difficult to detect the Trojan Pandemiya in a system.

How Zeus Trojan Pandemiya Works


· Pandemiya encrypts its communication with the Control Panel.
· Because the communication is encrypted, it cannot be detected by network analyzers.
· Trojan Pandemiya is capable of infecting all popular web browsers like Google Chrome, Mozilla Firefox and Windows Internet Explorer.
· Trojan Pandemiya loads automatically every time Windows starts.
· Uses source code different from Trojan.
· Uses a large number of original ‘C’ code lines.

How you get infected by Zeus Trojan Pandemiya


· If you open an infected website, your PC will get infected automatically with Trojan Pandemiya.
· The Trojan Pandemiya will immediately install an .exe file.
· The .exe file will infect all the user and system files.
· To hide itself, Trojan Pandemiya uses a random name.
· The Trojan Pandemiya will modify the registry key value to ensure the Trojan runs every time the user turns on the computer.
· Trojan Pandemiya will immediately create a dynamic link library (DLL) file, adding a registry value linked to the DLL in the registry key.
· Now it will be capable of entering new processes.

How to remove Zeus Trojan Pandemiya from your system


· Go to the All Users/Application Data folder.
· Find the registry key ‘HKEY_LOCAL_USER\Software\Microsoft\Windows\CurrentVersion\Run’, note the name and remove the registry value.
· Locate the registry key ‘HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\AppCertDlls’.
· Find the value with the same name as the .exe file that you noted and delete the value from the registry.
· The Trojan Pandemiya has now been removed from the system, but its remains are still there; to remove them, delete the files you noted.
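
The cross-check in the removal steps above, as an added example (not code from the original post): it parses `reg export` text for the Run and AppCertDlls keys and reports Run entries whose .exe sits under Application Data and whose name also appears as an AppCertDlls value. The sample export, the name `qwmxzt`, the use of HKEY_CURRENT_USER for the per-user Run key, and matching on the file name without its extension are assumptions.

```python
import re
from pathlib import PureWindowsPath
# Keys from the removal steps, matched by suffix so the hive name does not matter.
RUN_SUFFIX = r"\software\microsoft\windows\currentversion\run"
APPCERT_SUFFIX = r"\control\session manager\appcertdlls"
VALUE_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"$')
EXE_RE = re.compile(r'"?([^"]*?\.exe)', re.I)

# Constructed sample in `reg export` text form; "qwmxzt" is a made-up random name.
SAMPLE_EXPORT = r'''
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Updater"="\"C:\\Program Files\\Vendor\\updater.exe\" /quiet"
"qwmxzt"="C:\\Documents and Settings\\All Users\\Application Data\\qwmxzt.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls]
"qwmxzt"="C:\\WINDOWS\\system32\\qwmxzt.dll"
'''

def parse_export(text):
    """Return {key_path: {value_name: string_data}} for string values."""
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1], {})
        elif current is not None and (m := VALUE_RE.match(line)):
            name, data = (re.sub(r"\\(.)", r"\1", g) for g in m.groups())
            current[name] = data
    return keys

def find_candidates(keys):
    """Pair Run entries under Application Data with same-named AppCertDlls values."""
    run, appcert = {}, {}
    for path, values in keys.items():
        if path.lower().endswith(RUN_SUFFIX):
            run.update(values)
        elif path.lower().endswith(APPCERT_SUFFIX):
            appcert.update(values)
    dlls = {PureWindowsPath(n).stem.lower(): d for n, d in appcert.items()}
    hits = []
    for name, data in run.items():
        if not (m := EXE_RE.match(data)):
            continue
        exe = PureWindowsPath(m.group(1))
        dll = dlls.get(exe.stem.lower())
        if dll and "application data" in (p.lower() for p in exe.parts):
            hits.append({"run_value": name, "exe": str(exe), "dll": dll})
    return hits

print(find_candidates(parse_export(SAMPLE_EXPORT)))
```

A real `reg export` file is UTF-16 encoded and begins with a version header line, which the parser skips; decode the file before passing its text in.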




