Skip to main content
Published Jun 28, 2010 | Updated Sep 15, 2017

TrojanSpy:Win32/Neetro.A

Detected by Microsoft Defender Antivirus

Aliases: W32/Backdoor2.EJZJ (Command) Win32/Spy.Zbot.UN (ESET) Backdoor.Win32.Haver.eh (Kaspersky) W32/Havar.EX (Norman) Trj/Sinowal.WXO (Panda) Mal/VB-AB (Sophos) Trojan.Zbot (Symantec) BKDR_HAVAR.AQ (Trend Micro) Backdoor.Havar.EO (VirusBuster)

Summary

TrojanSpy:Win32/Neetro.A is a generic detection for certain obfuscated malware. The loader, which is encrypted and written in Visual Basic, may have virtually any purpose. This trojan may drop and execute a copy of PWS:Win32/Zbot.gen!V.
Manual removal is not recommended for this threat. To detect and remove this threat and other malicious software that may have been installed, run a full-system scan with an up-to-date antivirus product such as Microsoft Security Essentials, or the Microsoft Safety Scanner. For more information about using antivirus software, see http://www.microsoft.com/security/antivirus/av.aspx.
Follow us