PWS:Win32/Zbot.gen!plock

PWS:Win32/Zbot.gen!plock is a computer threat that aims on stealing information from the compromised computer. This is a detection given by Microsoft Security Software to name this specific type of malware. Just like any other data-gathering malware, this threat was made to steal user name, password, online credentials, or any desired data as arranged on its code. Other than that, PWS:Win32/Zbot.gen!plock also records hardware and software data, installed programs, and security setup on the infected PC.

Threat behavior

Installation

Normal routine to deploy a copy of PWS:Win32/Zbot.gen!plock includes spam email messages. It is sent as a misleading letter from a known person, company, or institution. Body of the email may contain messages that intend to draw user's attention into executing attached file.

Compromised web sites that will redirect users to PWS:Win32/Zbot.gen!plock location is reported as another method used by attacker to propagate this malware. Plagiarize software, serial key-generator, and misleading online advertisements are also used to drop a copy of PWS:Win32/Zbot.gen!plock.

Payload

When executed, PWS:Win32/Zbot.gen!plock will create files under Windows folder. In addition, it will arrange a start-up process by injecting registry entries without user's notice. This threat constantly connects to a remote server in order to download more malware.

Changes are also made to Windows firewall to allow network traffic that is required for PWS:Win32/Zbot.gen!plock to send gathered data to a remote computer. Running processes that are relevant to security software will also be disabled by this threat to avoid detection and removal.

Symptoms

Due to the ways and means of PWS:Win32/Zbot.gen!plock to work silently, there may be no obvious symptoms. Microsoft Security Software may send an alert if it able to identify the threat at it tries to enters the system.

How can you remove PWS:Win32/Zbot.gen!plock?

To totally remove PWS:Win32/Zbot.gen!plock from the computer and get rid of relevant virus and trojan, please execute the procedures as stated on this page. Make sure that you have completely scan the system with suggested malware removal tools and virus scanners.

Windows XP, Windows Vista, and Windows 7 Instructions:

1. Open Microsoft Security Essentials by going to Windows Start > All Programs. If the tool is not yet installed on the computer, please download Microsoft Security Essentials from the link below. Save the file on your hard drive.

Complete installation guide and usage are also provided on the same link. It is essential in removing PWS:Win32/Zbot.gen!plock effectively. If Microsoft Security Essentials is already installed on the PC, please proceed with the steps below.

2. On Microsoft Security Essentials Home screen, please choose Full under Scan Options.

MSE Full Scan

3. Click on Scan Now button to start detecting PWS:Win32/Zbot.gen!plock items, viruses, and malware on the PC. Scan may take a while, please be patient and wait for the process to end.

Windows 8 / 10 Instructions:

Windows Defender is a free tool that was built to help you remove PWS:Win32/Zbot.gen!plock, viruses, and other malicious items from Windows 8 or Windows 10 system. Follow these procedures to scan your computer with Windows Defender:

1. Tap or click the Search charm, search for defender, and then open Windows Defender.

If Windows Defender is not yet installed on the computer, please proceed to download page using the link below. It also contains detailed instruction to install and use the program effectively. Proper usage is required to totally remove PWS:Win32/Zbot.gen!plock.

WD-charm

2. On the Home tab, click Full under Scan Options. Click Scan now to start scanning for presence of PWS:Win32/Zbot.gen!plock. The process may take a while to complete.

WD-fullscan

3. After the scan, delete/quarantine identified threats wether it is relevant to PWS:Win32/Zbot.gen!plock or not. You may now restart Windows to complete the virus removal process.

Double Check with Malwarebytes Anti-Malware

1. Download Malwarebytes Anti-Malware from the link below. Save the file on your hard drive.

2. Once the download completes, double-click on the file MBSetup.exe to run the program.

3. Select desired installation package whether for Personal Computer or Work Computer.

4. On next window, click Install button to proceed.

MBAM Default Install

5. Just proceed with the succeeding prompts until it start to execute the installation procedure.

6. Installation process will take less than a minute. It should run automatically after completing the setup.

7. When Malwarebytes Anti-Malware interface appears, please select Scan on the menu. The program will check for any available update before proceeding. Do not skip this step. Virus scan may take a while, please wait for the process to finish.

MBAM-threatscan

8. When scanning is done, Malwarebytes Anti-Malware will display the list of identified threats. Remove all and restart the computer to finalized the scan process.

One thought on “PWS:Win32/Zbot.gen!plock

  1. borbia o. perry

    i have microsoft essentials which has noted on Windows 7 & I am a transcriptionist. Since your instructions say that MICROSOFT DEFENDER REPLACES MICROSOFT SECURITY ESSENTIALS ON WINDOWS 8: ONCE THEY ARE DETECTED & SHOWN ON ESSENTIALS WHAT DO I DO THEN TO REMOVE THEM FROM MY COMPUTER?

    (1) TrojanDownloader:Win32/Kuluoz.D and
    (2) PWS:Win32/zbot.gen!plock

    PLEASE LET ME KNOW WHAT TO DO NOW!!! THANK U. I AWAIT YOUR REPLY!!! GOD BLESS U!!!

    BORBIA PERRY

Leave a Reply

Your email address will not be published. Required fields are marked *