Windows Worm of the Day Zotob Attacks Plug and Play (a/k/a Botzor.exe, but not “Zobot”)

The Internet Patrol - Patrolling the Internet for You


[Breaking News! Tuesday, August 16th: Zotob May Be Responsible for Computer Crashes Across the U.S. Read Here]

Today’s Windows worm, brought to you by the letters Plug and Play, is the worm Zotob. Zotob attacks a flaw in the Windows “Plug and Play” feature, and also is known by the name of the program it leaves on your hard drive, “Botzor.exe”. (Some are mistakenly calling it “Zobot”, an easy mistake to make.)


Zotob (or Botzor.exe) happily munches through holes in the Plug and Play flaws in Windows 95, 98, ME, NT, 2000, and XP (but not properly patched versions of XP Service Pack 2), where it will prevent you from accessing online assistance at your antivirus vendor’s website, and, more insidiously, where it will connect to an IRC server, providing hackers access to and control over your system.

According to a statement issued by Microsoft, “Microsoft’s investigation into this malicious act is ongoing so that we can continue to understand how we can help support customers. We are working closely with our anti-virus partners and aiding law enforcement in its investigation.”
Fortunately, the Zobot worm can be thwarted from infecting computers and depositing its nasty Boztor.exe by a patch issued by Microsoft just this past week.

No Paywall Here!
The Internet Patrol is and always has been free. We don't hide our articles behind a paywall, or restrict the number of articles you can read in a month if you don't give us money. That said, it does cost us money to run the site, so if something you read here was helpful or useful, won't you consider donating something to help keep the Internet Patrol free?
Click for amount options
Other Amount:
What info did you find here today?:

Leave a Reply

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.