2 min read

ZBot Removal Tool

Răzvan LIVINTZ

September 14, 2010

ZBot Removal Tool

ZBot (also known as Zeus, ZeusBot or WSNPoem) is a Trojan horse engineered to steal sensitive data from compromised computers. While ZBot focuses mainly on the online banking details that users input on financial organizations’ pages, it also monitors system information and steals additional authentication credentials. The latest variants can also gather the history of the visited Web sites and other data users provide online, while also capturing screenshots of the their’ desktop.

ZBot is distributed mainly via spam campaigns and Web pages which host its malicious payload, usually under the guise of a popular legitimate application.

Once onto the system, ZBot modifies the files and folders’ structure, adds registry keys, injects code into several processes (such as winlogon.exe or svchost.exe) and adds exceptions to the Microsoft® Windows® Firewall, providing backdoor and server capabilities. It also sends sensitive information and listens on several ports for possible commands from the remote attackers’ command-and-control center. This allows cybercriminals to manage the Trojan in order to download and execute additional malicious payloads on or take control over the system, its actions including, without being limited to restarting and shutting down the affected computer.

For a comprehensive list of ZBot features and other technical description details, please check out the BitDefender Virus Encyclopedia.

As part of its ongoing efforts to inform, educate and help users worldwide in their fight against e-threats, BitDefender has created a ZBot Removal Tool. The removal tool checks users’ computers, detects and eliminates most of the ZBot variants spotted in the wild. It is available for download and use free of charges in the Removal Tools section of hotforsecurity.com.

However, ZBot is one of the most prolific breeds of malware and new variants appear every day. Thus, we strongly suggest computer users to regularly return to our ZBot Removal Tool page for additional updates of this ZBot Removal Tool. Users of the BitDefender antimalware suites are already protected by its state-of-the-art defensive technology.

 

The technical description and the removal tool referenced in this article are available courtesy of Bogdan Timofte, BitDefender Online Threats Researcher.

All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of their respective owners.

tags


Author



Right now

Top posts

E-mails claiming your computer was hacked and your privacy exposed - what you need to know (spoiler: you can relax - they’re bluffing)

E-mails claiming your computer was hacked and your privacy exposed - what you need to know (spoiler: you can relax - they’re bluffing)

July 29, 2021

5 min read
Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

July 16, 2021

3 min read
How to protect yourself against cyberstalking

How to protect yourself against cyberstalking

July 06, 2021

2 min read
The Top Five Security Risks Smartphone Users Face Today

The Top Five Security Risks Smartphone Users Face Today

July 02, 2021

4 min read
Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

July 02, 2021

3 min read
Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

June 30, 2021

2 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

How to keep your Android device immune to malicious vaccine themed apps How to keep your Android device immune to malicious vaccine themed apps
Cristina POPOV

April 22, 2021

2 min read
Facebook Takes Down Two Hacking Groups Operating out of Palestine Facebook Takes Down Two Hacking Groups Operating out of Palestine
Silviu STAHIE

April 22, 2021

2 min read
Ransomware attack causes supermarket cheese shortage in the Netherlands Ransomware attack causes supermarket cheese shortage in the Netherlands
Graham CLULEY

April 13, 2021

2 min read