Published Apr 29, 2010 | Updated Sep 15, 2017

Win32/Zbot

Severe |Detected with Windows Defender Antivirus

Aliases: Zeus (other) Wsnpoem (Symantec) Citadel (other)

Summary

Microsoft security software detects and removes this threat.

This family of trojans can steal your personal and financial information, and give a malicious hacker access and control of your PC. They can also lower your Internet browser security and turn off your firewall.

We have seen these threats download other malware, including threats from the Win32/Crilock and Win32/Necurs families. Crilockransomware can encrypts your files and then demand money to unlock them. Necurs malware can disable your security software and redirect your web browser.

Win32/Zbot can be installed on your PC via spam emails and hacked websites, or packaged with other malware families.

Find out ways that malware can get on your PC.

Use the following free Microsoft software to detect and remove this threat:

You should also run a full scan. A full scan might find other, hidden malware.

Protect your sensitive information

This threat tries to steal your sensitive and confidential information. If you think your information has been stolen, see:

You should change your passwords after you've removed this threat:

Prevent malware infections from spam emails
Get more help

You can also visit our advanced troubleshooting page or search the Microsoft virus and malware community for more help.

If you’re using Windows XP, see our Windows XP end of support page.

Follow us