
Mal/Zbot-FV

Posted: March 21, 2012

Threat Metric

Threat Level: 2/10
Infected PCs: 255
First Seen: March 21, 2012
Last Seen: November 3, 2022
OS(es) Affected: Windows

Mal/Zbot-FV is a backdoor Trojan and spyware program that's often distributed by the same spam e-mail files that also carry Mal/BredoZp-B. Mal/Zbot-FV may be used to install other PC threats, circumvent your computer's security software or steal private information in a concealed manner, and as such, should be considered a high-level threat. Since Mal/Zbot-FV is likely to be present alongside other types of malicious software, the SpywareRemove.com malware research team suggests that you use suitable anti-malware programs to scan your entire PC instead of simply trying to find and delete Mal/Zbot-FV by itself. Mal/Zbot-FV infections may show no symptoms, since most of Mal/Zbot-FV's default behavior is surreptitious, although anti-malware products may alert you to Mal/Zbot-FV attacks. Despite the considerable danger that can be involved in Mal/Zbot-FV attacks, as long as you delete the e-mail messages that carry Mal/Zbot-FV, your PC should be safe from most methods of Mal/Zbot-FV infection.

Why That E-mail Notice Might Be the Start of Your Firewall Crashing Down

Mal/Zbot-FV can propagate through all methods that are used by PC threats, but its recent distribution tactic has been to piggyback along with other Trojans in spam e-mail messages. These e-mail messages conform to the example shown below, and attempt to fake a shipping notification to make you open an infected file attachment:

Subject: DHL Tracking Notification ID: [random number]
From: "DHL International"

File Attachment: DHL-Express-Delivery-Notification-Details_03-2012_[random id].zip
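The lure template above can be turned into a mail-filter check. This is an added example, not code from SpywareRemove.com or any anti-malware vendor; it assumes "[random number]" is a run of digits and "[random id]" is letters and digits, and the function names and sample addresses are hypothetical.

```python
import re
from email import message_from_string
from email.message import EmailMessage
from email.utils import parseaddr

# Patterns taken from the lure template above. The page gives only
# "[random number]" and "[random id]"; digits and letters/digits are assumed.
SUBJECT_RE = re.compile(r"^DHL Tracking Notification ID:\s*\d+$", re.I)
ATTACH_RE = re.compile(
    r"^DHL-Express-Delivery-Notification-Details_03-2012_[A-Za-z0-9]+\.zip$",
    re.I)
DISPLAY_NAME = "dhl international"


def lure_indicators(raw_message):
    """Return the lure indicators found in one raw e-mail message."""
    msg = message_from_string(raw_message)
    hits = []
    if SUBJECT_RE.match(msg.get("Subject", "").strip()):
        hits.append("subject")
    name, _addr = parseaddr(msg.get("From", ""))
    if name.strip().lower() == DISPLAY_NAME:
        hits.append("from-display-name")
    # Walk every MIME part so a nested attachment is still seen.
    for part in msg.walk():
        filename = part.get_filename()
        if filename and ATTACH_RE.match(filename.strip()):
            hits.append("attachment")
            break
    return hits


def should_quarantine(raw_message):
    """Flag on the attachment name alone, or on subject plus sender name."""
    hits = set(lure_indicators(raw_message))
    return "attachment" in hits or {"subject", "from-display-name"} <= hits


def build_sample(subject, sender, attachment_name):
    """Build a constructed test message (not a captured e-mail)."""
    msg = EmailMessage()
    msg["Subject"], msg["From"] = subject, sender
    msg.set_content("Your parcel details are attached.")
    # 22-byte empty ZIP archive (end-of-central-directory record only).
    msg.add_attachment(b"PK\x05\x06" + b"\x00" * 18, maintype="application",
                       subtype="zip", filename=attachment_name)
    return msg.as_string()
```

The sender's display name is attacker-chosen text, so the check treats it as a weak signal that only counts together with the subject line.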

After being installed, Mal/Zbot-FV may insert malicious code into your normal Windows processes or install other PC threats that it carries internally. Further behavior from Mal/Zbot-FV can encompass everything from creating a backdoor to stealing personal information (such as account logins). Although Mal/Zbot-FV will not leave obvious signs of its presence, SpywareRemove.com malware researchers note that you may be able to detect Mal/Zbot-FV by noting unusual fluctuations in system resource usage or by finding that you are blocked from popular firewall programs.

Besides all of these attacks, Mal/Zbot-FV also has an exceptionally fearsome history due to its spyware-related functions. By default, Mal/Zbot-FV is often designed to steal login information from financial websites, including E-Gold and Bank of America. Naturally, SpywareRemove.com malware analysts recommend that you contact the relevant institutions to counteract any possibility of account break-ins if you've recently deleted Mal/Zbot-FV with an anti-malware program.

The Host of Faces That You Might See Mal/Zbot-FV Using

Mal/Zbot-FV can also be detected by other names, primarily depending on what type of anti-malware scanner you use to detect and remove Mal/Zbot-FV. These aliases have been known to include Trojan-Dropper.Win32.Injector.dije, Win32:Reveton-AI, TR/PSW.Zbot.1887, Win32/Kryptik.ACLA Trojan (variant), PWS:Win32/Zbot, Gen:Variant.Graftor.17349 and Trojan.Win32.Generic.12BA7337. Attempting to delete Mal/Zbot-FV without assistance from appropriate software usually isn't recommended, since, as SpywareRemove.com malware experts note, Mal/Zbot-FV is designed to avoid casual detection and can infect Windows components like svchost.exe.

While the dangers that its payload presents are significant, Mal/Zbot-FV can only attack Windows computers, and non-Windows PCs can be considered effectively invulnerable to pure Mal/Zbot-FV-based attacks. For Windows computers, recommended protection includes practicing common safety standards around e-mail files and keeping security programs updated so that they detect Mal/Zbot-FV before Mal/Zbot-FV can be installed.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:

File name: DHL-Express-Delivery-Notification-Details_03-2012_[random id].zip
Mime Type: unknown/zip
Group: Malware file

Additional Information

The following URLs were detected:
initiatelatestmostthefile.vip