Desktop infected with PWS:Win32/Zbot.DW
I am using Windows Vista operating system with Avira antivirus and my browser is IE8. My desktop has been infected with PWS:Win32/Zbot.DW and the the antivirus that I am using in my system alerted me about this a couple of days ago. The problem is that I am not able to remove this infection with the help of the antivirus. So, I need a method for its removal from the system. Is there any technique to stop them from entering the system? Kindly reply with suitable suggestions.
Manually delete the infection
If the desktop is infected with PWS:Win32/Zbot.DW, then I suggest you to manually delete the infection, rather than formatting the system. Here are the files that you need to search for and to be deleted:
- %ProgramFiles%\linkedtricks\linkedtricks.exe
- %System%\sdra64.exe
- %Temp%\6_ldr3.exe
- %Temp%\adv.exe
- %Temp%\tmp.exe
- %Temp%\tmp1.exe
This may probably solve your problem.
PWS:Win32/Zbot.DW modifies the registry values
PWS:Win32/Zbot.DW modifies the registry values and I recommend that you should also delete the modified registry values to permanently eradicate them from the system. Here are the registry values that are modified and that requires deletion:
- HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\{19127AD2-394B-70F5-C650-B97867BAA1F7}
- HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\{43BF8CD1-C5D5-2230-7BB2-98F22C2B7DC6}
- HKEY_USERS\.DEFAULT\Software\Microsoft\Protected Storage System Provider
Just dont forget to get into the safe mode before you do the deletion of the above values.
Methods to avoid infections from entering into the system
Since your desktop is infected with PWS:Win32/Zbot.DW, you need to know the methods to avoid infections from entering into the system:
- Always keep a firewall running in the system.
- Keep the system well updated.
- The antivirus database has to be kept updated.
- Do not accept file transfers from unknown users.
- Do not open email attachments from unknown users.
- Do not download pirated softwares.
- Beware of social engineering.
- Protect your Windows account with strong passwords.
Description about PWS:Win32/Zbot.DW
If the desktop is infected with PWS:Win32/Zbot.DW, then you need to use some good antivirus like AVG to scan your system and then remove all the infections that are found during the scan. Here is some description about PWS:Win32/Zbot.DW:
- All the keystrokes like username, password, credit card number, etc. are captured by this infection and given to the attacker.
- This malicious content possesses a great risk factor when the system in on the network.
- It acts as a backdoor, that allows other infections to enter into the system.