I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free Download Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
Worm AMN
Also known as: Trojan ZBot, Worm Autoit
SHA256: 13aa81245647626e57702861e8ba610368f35cbaf10588a3e2589dceb3949d3a
SHA1: bef8b9501163a56d55c239709bc32b3d2a91f9e8
MD5: 49797ece53417ec0756399c80b6aa7de
File size: 929126 bytes
Created files:
%Program Files%\Microsoft\WaterMark.exe – Worm AMN
%SysDir%\system3_.exe – Worm AMN
%WinDir%\system3_.exe – Worm AMN
%Common AppData%\Apple Computer\Installer Cache\Safari 5.34.52.7\SetupAdmin.exe – Worm AMN
Worm AMN created autostart registry keys:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit: c:\windows\System32\userinit.exe,,c:\program files\Microsoft\watermark.exe
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell: Explorer.exe System3_.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Yahoo Messengger: %WinDir%\System32\System3_.exe