Troj/Shutdown-F

Aliases	Trojan.BAT.Shutdown.f Bat/sdwn4 Trojan Horse
Category	Viruses and Spyware
Type	Trojan
What to do	If you've received an alert for a virus or spyware, then follow the instructions for removing the threat.
Prevalence	low high

Summary


Affected operating systems	Windows
Characteristics	Installs itself in the registry
Included in our products from	August 2005 (3.96)
Protection available since	7 July 2005 21:26:06 (GMT)
Detected by	All Sophos products

Troj/Shutdown-F is a Trojan that attempts to shut down the infected computer immediately.

Troj/Shutdown-F sets the following registry entry so as to run the file C:\Windows\Drivers.bat, usually itself, on system startup:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
MicrosoftKs =
C:\Windows\Drivers.bat

Troj/Shutdown-F has been seen dropped by Troj/Ksera-A.

Get reports about the latest virus and spyware threats delivered to your computer