Trojan: Trojan.Botnetlog.9

• Virus type: Trojan horse
• Affects: Windows 95 and up
• Other names for Trojan.Botnetlog.9: Trojan.Win32.Agent, Trojan.Win32.Inject, VirTool:Win32/Obfuscator

Description

Trojan.Botnetlog.9 is a Trojan horse program of a family that is designed to steal information from websites that you visit. It is typically received as an attachment to an email, which contains some incitement to open (execute) the attachment. It is not a virus, and cannot spread by itself.

Once executed, the Trojan copies itself to a file with a randomly generated name and creates an entry in the Windows Registry so that it is started whenever Windows starts.

While the Trojan is running, it sends information about websites that you visit back to a central server. Such information may include banking details or other personal information.

Some variants of the Trojan have the ability to download, install and execute files such as adware, which displays unwanted ads. They are able to modify the system "hosts" file in order to redirect your web browser to fake web pages which can be used to steal banking and other login information.

Prevention

To avoid allowing Trojan.Botnetlog.9 and similar Trojans on to your computer:

• Be suspicious of emails from unknown sources containing executable attachments. See How to detect Internet worms.
• Use a good anti-virus that detects Trojans as well as viruses, such as Kaspersky AntiVirus or Dr.Web anti-virus.

Removal

Manual removal

To remove Trojan.Botnetlog.9 manually:

• Use a virus scanner to determine the identity of the executable file containing the Trojan, then use the Windows Task Manager to terminate it.
• Using the Registry Editor, expand HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run and/or HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, and delete the value containing a path to the Trojan executable file identified above.
• Disable System Restore, in order that copies of the Trojan are not saved to the restore folder. (Note: this may cause Windows to restart and you will lose your earlier restore points.)
• Delete the Trojan executable file from the system.
• Update and run your virus scanner to ensure that no other unwanted files are present.
• Re-enable System Restore and force a restore point.

Because some variants of this Trojan are known to alter the system hosts file in order to redirect web browsers to fake sites, it is advisable to check the contents of the hosts file and repair it if necessary. See How to check and repair the hosts file.

Automated removal

To remove Trojan.Botnetlog.9 please see our tutorial Help! I've got a virus!

Professional hands-on removal

If you are not confident about being able to remove the Trojan yourself, you can purchase the Virus Removal and Computer Tune-Up package and a professional technician will connect to your computer via your Internet connection and remove it for you.

More information

• Trojan.Botnetlog.9 at Dr.Web

• Tech-Pro
• Home
• About us
• Contact us
• Tech-Pro.net on Facebook
• Search

• Products
• New additions RSS
• Most popular
• Recommended products
• Get software FREE!
• FREE wallpapers
• Buyer's guides
• Buy anti-spyware software
• Buy anti-virus software
• Buy backup software
• Buy data recovery software
• Buy registry cleaners
• How to
• Clean up a virus infection
• Fix missing NTLDR / HAL.DLL
• Fix unable to change wallpaper
• Open rar file / 7z file / ISO file
• Recover deleted files / emails
• Recover lost files / photos
• Recover Word documents
• Reset administrator password
•   more how-tos...
• Articles
• Code signing for developers
• How USB works
• TCP/IP basics
• The Windows Registry
• Windows Drivers
•   more articles...