PWS:Win32/Zbot.gen!Y

PWS:Win32/Zbot.gen!Y Description

PWS:Win32/Zbot.gen!Y, also called W32/Zbot.YFP is a banker Trojan that attempts to steal passwords and other forms of confidential information that are related to online banking activities. As of December 2011, PWS:Win32/Zbot.gen!Y is a newly-developed variant of the well-known Zeus banker Trojan and is distributed by fake Adobe updates that are delivered in the form of e-mail file attachments. SpywareRemove.com malware research team notes that no reputable company, including Adobe, distributes software updates by using e-mail attachments like the ones that PWS:Win32/Zbot.gen!Y uses to install itself. Even though PWS:Win32/Zbot.gen!Y should be considered an extreme privacy and security threat to your PC, symptoms of a PWS:Win32/Zbot.gen!Y infection can be negligible, and you should use reputable anti-malware products to detect or remove PWS:Win32/Zbot.gen!Y whenever it’s necessary to do so.

Keeping an Eye on This Adobe-Brand Fake-Out

PWS:Win32/Zbot.gen!Y e-mail messages can be identified by their inclusion of an ‘AdobeSystems-Software_Critical Update Dec_2011-[Random numbers].zip’ file attachment, within which lies the compressed executable for PWS:Win32/Zbot.gen!Y. Although e-mail spam that carries PWS:Win32/Zbot.gen!Y will pretend to be an important update for Acrobat Reader, no form of trustworthy company distributes software updates in this fashion, and these e-mail messages should be immediately-deleted to protect your PC from PWS:Win32/Zbot.gen!Y. Other signs of a PWS:Win32/Zbot.gen!Y-propagating e-mail include an ‘Adobe Software Critical Upgrade Notification ID: M29MGJW7CN3′ subject line and a faked ‘Adobe Update Notification no-reply@adobe.com’ sender address.

As long as you delete these e-mail messages as soon as you see them and avoid interaction with their file attachments, your PC should remain untouched by PWS:Win32/Zbot.gen!Y. However, if you do open this file attachment, PWS:Win32/Zbot.gen!Y will infect your computer and begin a series of attacks that are aimed at stealing private and bank-related information.

Observations on the Threats That PWS:Win32/Zbot.gen!Y Poses to Your Bank and Related Finances

As a Trojan, PWS:Win32/Zbot.gen!Y will attempt to avoid notice and may not show visible symptoms of being on your PC. However, risks that SpywareRemove.com malware experts have found to be associated with PWS:Win32/Zbot.gen!Y infections include:

• Theft of personal information, such as account passwords, credit card numbers, PINs and other forms of identity or bank-related info. PWS:Win32/Zbot.gen!Y may scan files for cached information, monitor information that you enter from certain websites or record your keyboard input.
• Loss of security with respect to your network ports and your firewall, both of which may be attacked to allow PWS:Win32/Zbot.gen!Y to send stolen information to remote criminals.
• Accessibility problems with respect to anti-malware and security programs that could help you detect or delete PWS:Win32/Zbot.gen!Y.

If PWS:Win32/Zbot.gen!Y has infected your PC, you should strive to avoid entering unnecessary information until you’ve taken steps to find and remove PWS:Win32/Zbot.gen!Y with a good anti-malware application. You should also speak with a representative from your bank to prevent any possibility of fraud or undesired attacks on your bank account. Although PWS:Win32/Zbot.gen!Y is still a new PC threat as of December 2011, many types of PC security brands have identified and can combat PWS:Win32/Zbot.gen!Y infections with all due effectiveness. You may also see PWS:Win32/Zbot.gen!Y detected as PWS-Zbot.gen.hb.

Aliases

More aliases (514)

PWS:Win32/Zbot.gen!Y Automatic Detection Tool (Recommended)

Technical Details

Home Malware ProgramsTrojans PWS:Win32/Zbot.gen!Y