PWS:Win32/Zbot.gen!Y, also called W32/Zbot.YFP, is a banker Trojan that attempts to steal passwords and other confidential information related to online banking activities. As of December 2011, PWS:Win32/Zbot.gen!Y is a newly developed variant of the well-known Zeus banker Trojan and is distributed through fake Adobe updates delivered as e-mail file attachments. The SpywareRemove.com malware research team notes that no reputable company, including Adobe, distributes software updates by e-mail attachment the way PWS:Win32/Zbot.gen!Y installs itself. Even though PWS:Win32/Zbot.gen!Y should be considered an extreme privacy and security threat to your PC, the symptoms of a PWS:Win32/Zbot.gen!Y infection can be negligible, and you should use reputable anti-malware products to detect or remove PWS:Win32/Zbot.gen!Y whenever necessary.
Keeping an Eye on This Adobe-Brand Fake-Out
PWS:Win32/Zbot.gen!Y e-mail messages can be identified by an ‘AdobeSystems-Software_Critical Update Dec_2011-[Random numbers].zip’ file attachment, which contains the compressed executable for PWS:Win32/Zbot.gen!Y. Although the e-mail spam that carries PWS:Win32/Zbot.gen!Y pretends to be an important update for Acrobat Reader, no trustworthy company distributes software updates in this fashion, and these e-mail messages should be deleted immediately to protect your PC from PWS:Win32/Zbot.gen!Y. Other signs of a PWS:Win32/Zbot.gen!Y-propagating e-mail include an ‘Adobe Software Critical Upgrade Notification ID: M29MGJW7CN3’ subject line and a faked ‘Adobe Update Notification email@example.com’ sender address.
As long as you delete these e-mail messages as soon as you see them and avoid interaction with their file attachments, your PC should remain untouched by PWS:Win32/Zbot.gen!Y.
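The three e-mail indicators described above can be checked automatically at a mail gateway or over a mailbox export. The following is an added example, not code from SpywareRemove.com: the function names, the reading of ‘[Random numbers]’ as a run of digits, and the list of executable extensions are assumptions, and the sample messages are constructed with harmless placeholder content.

```python
import io
import re
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Indicators quoted in the article; "[Random numbers]" is assumed to be one or more digits.
ATTACH_RE = re.compile(r"^AdobeSystems-Software_Critical Update Dec_2011-\d+\.zip$", re.I)
SUBJECT_PREFIX = "adobe software critical upgrade notification id:"
SENDER_NAME = "adobe update notification"
EXEC_EXT = (".exe", ".scr", ".com", ".pif")  # assumption: common Windows executable extensions


def check_message(raw: bytes) -> list[str]:
    """Return the article's indicators that are present in one raw RFC 5322 message."""
    msg = message_from_bytes(raw, policy=policy.default)
    hits = []
    if str(msg.get("Subject", "")).strip().lower().startswith(SUBJECT_PREFIX):
        hits.append("subject")
    if SENDER_NAME in str(msg.get("From", "")).lower():
        hits.append("sender")
    for part in msg.iter_attachments():
        if not ATTACH_RE.match(part.get_filename() or ""):
            continue
        hits.append("attachment-name")
        try:
            # Look inside the archive without extracting anything to disk.
            with zipfile.ZipFile(io.BytesIO(part.get_payload(decode=True))) as zf:
                if any(n.lower().endswith(EXEC_EXT) for n in zf.namelist()):
                    hits.append("executable-in-zip")
        except zipfile.BadZipFile:
            hits.append("unreadable-zip")
    return hits


def build_sample(subject: str, sender: str, filename: str, inner: str) -> bytes:
    """Construct a harmless test message: a zip holding one text-only placeholder entry."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(inner, b"placeholder text, not a real program")
    msg = EmailMessage()
    msg["Subject"], msg["From"], msg["To"] = subject, sender, "user@example.com"
    msg.set_content("Constructed sample body.")
    msg.add_attachment(buf.getvalue(), maintype="application", subtype="zip", filename=filename)
    return msg.as_bytes()
```

Any single hit is worth quarantining the message for review, since the subject ID and sender address can change between spam runs while the attachment naming stays the same.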
Observations on the Threats That PWS:Win32/Zbot.gen!Y Poses to Your Bank and Related Finances
As a Trojan, PWS:Win32/Zbot.gen!Y will attempt to avoid notice and may not show visible symptoms of being on your PC. However, risks that SpywareRemove.com malware experts have found to be associated with PWS:Win32/Zbot.gen!Y infections include:
- Theft of personal information, such as account passwords, credit card numbers, PINs and other forms of identity or bank-related info. PWS:Win32/Zbot.gen!Y may scan files for cached information, monitor information that you enter from certain websites or record your keyboard input.
- Loss of security with respect to your network ports and your firewall, both of which may be attacked to allow PWS:Win32/Zbot.gen!Y to send stolen information to remote criminals.
- Accessibility problems with respect to anti-malware and security programs that could help you detect or delete PWS:Win32/Zbot.gen!Y.
If PWS:Win32/Zbot.gen!Y has infected your PC, you should avoid entering unnecessary information until you’ve taken steps to find and remove PWS:Win32/Zbot.gen!Y with a good anti-malware application. You should also speak with a representative from your bank to prevent any possibility of fraud or undesired attacks on your bank account. Although PWS:Win32/Zbot.gen!Y is still a new PC threat as of December 2011, many PC security brands have identified PWS:Win32/Zbot.gen!Y and can combat infections effectively. You may also see PWS:Win32/Zbot.gen!Y detected as PWS-Zbot.gen.hb.
- Trj/Spy.AB [Panda]
- PSW.Generic8.BFLK [AVG]
- W32/Zbot.AT!tr [Fortinet]
- SScope.Trojan.FakeAV.01110 [VBA32]
- Win-Trojan/Zbot.141824.AO [AhnLab-V3]
- TrojanSpy.Zbot.abiz [Jiangmin]
- Win32/Zbot.EGB [eTrust-Vet]
- Troj/PWS-BSF [Sophos]
- TR/Hijacker.Gen [AntiVir]
- Trojan.Agent/Gen-Frauder [SUPERAntiSpyware]
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
- The following files were created in the system:
Posted: December 21, 2010 | By SpywareRemove
Threat Level: 8/10
Detection Count: 700