Troj/Bckdr-ZLB is a backdoor Trojan for the Windows platform, which allows a remote intruder to gain access and control over the computer.
Troj/Bckdr-ZLB copies itself to "<system folder>\drivers\own\".
Troj/Bckdr-ZLB creates rdisk.dll and skeys.dll.
Troj/Bckdr-ZLB creates registry entries
HKLM\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters
ServiceDll
<System Folder>\wauserv.dll
HKLM\SYSTEM\Controlset001\Services\wuauserv\Parameters
ServiceDll
<System Folder>\wauserv.dll
HKLM\SYSTEM\Controlset002\Services\wuauserv\Parameters
ServiceDll
<System Folder>\wauserv.dll
HKLM\SYSTEM\Controlset003\Services\wuauserv\Parameters
ServiceDll
<System Folder>\wauserv.dll
Troj/Bckdr-ZLB downloads and uploads code from internet.
Troj/Bckdr-ZLB sends keyboard record.