TSPY_ZBOT.HEK
TSPY_ZBOT.HEK is spyware which spreads as a file downloaded from a remote URL. On entering a computer system, TSPY_ZBOT.HEK will connect with a remote server and download a file that contains information on where the spyware can download a copy of itself and where to send stolen information. TSPY_ZBOT.HEK will attempt to steal a victim's online banking details such as usernames and passwords. Then TSPY_ZBOT.HEK will send the gathered information to a remote URL via HTTP POST. HTTP POST is a dangerous computer infection that should be removed from an infected PC immediately after detection.
File System Details
# | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
---|---|---|
1. | %System%\lowsec\user.ds |