It is no surprise to come across a Trojan horse, since it is one of the usual threats we might meet while browsing the web. A Trojan horse does not show any signs of its presence, which makes it hard for most scanners to identify and thus one of the favorite tools of hackers for doing their monkey business. This pesky Trojan horse can remain hidden for as long as it wants while doing its dirty work. The Zeus Virus, also known as Zbot, is a type of Trojan horse that is famous for its keystroke logging and form grabbing, and it is mostly known for stealing banking information by those two means. The Zeus Virus was discovered way back in July 2007, and its number of victims has kept growing ever since. It has also widened its scope and has been targeting both Android and Blackberry users. There are different ways of getting this virus, which we will discuss later in this article.
Different Ways of Getting the Zeus Virus:
Phishing. This is one of the most commonly used methods and is carried out by sending emails disguised as coming from a reputable entity. The email may appear legitimate since it uses well-known names such as Microsoft. You will see a notification that demands you click either Yes or No; the truth is that you don’t really have a choice, because it does not matter what you click: both choices lead you into the trap that is the Zeus virus.
Drive-by Downloads. This is another common method; it is a general term for any unwanted content that is unknowingly downloaded onto your computer, attached to and hidden in a certain file. So be cautious when downloading files, for they might come with something other than the file itself.
Drive-by Installation. This installs software unbeknownst to you or with your consent; it is similar to drive-by downloads.
Spam Emails and Attached Files. Spam emails have links, archives, documents or other types of attachments that may hide the Trojan virus. So to be safe, if you don’t know the sender of an email that contains attachments, it’s best to scan the attached file after downloading and opening it.
Capabilities of the Zeus Virus:
Destruction of your Operating System. The Zeus virus can cause total destruction on your computer; it corrupts your files, removes programs and formats your hard drive, making your system useless and vulnerable. If you think that’s the worst it can get, brace yourself, for this virus can do almost everything you can think of.
Spying. Without your knowledge, this virus can obtain information about you. One of the common ways of spying is keystroke logging, which monitors and records anything you type on the keyboard and forwards it to hackers. It does not end there, since it can also hack its way into your webcam to spy on you.
Electronic Money Theft. One of the famous capabilities of this virus is stealing your bank information, allowing the hackers to get into your bank account and extract money from it. This is made possible through keystroke logging and form grabbing.
Botnet and mining. The Zeus virus also has the ability to make your computer part of a network of coordinated computers designed for a specific goal. One of its purposes is to spread the virus through spam emails.
Bigger virus infestations. The Zeus virus can also do more damage by adding more harmful programs. Needless to say, it can be a gateway for a Ransomware virus.
Putting the Zeus Virus down won’t be an easy task even if you’re a pro, because it changes its process name and most viruses develop over time. These are the common names this virus goes by:
Trojan-Spy:W32/Zbot; PWS-Zbot; Trojan-.Wsnpoem; Troj/Zbot-LG; Troj/Agent-MDL; Troj/Zbot-LM; Troj/TDSS-BY; Troj/Zbot-LO; Troj/Buzus-CE; Sinowal.WUR; Troj/QakBot-D; Troj/Agent-MIR; Troj/Qakbot-E; Troj/QakBot-G
How to Remove Zeus Virus
Step 1: Restart your computer into Safe Mode.
Step 2: Press Ctrl+Shift+Esc together and go to the Processes tab. Carefully select each suspicious program, right-click it, choose Open file location, and scan the files using your updated virus scanner. Then end the processes that are infected and delete their folders. (Take note that this step is crucial, since deleting the wrong file could seriously damage your computer; if you are not well-versed with computers, you can download Spyhunter for free.)
Step 3: Press the Start key + R and type in appwiz.cpl then click OK.
A window for Programs and Features under the Control Panel will then pop up. Look for the malicious program you want to remove and uninstall it, but if you see a screen like this below, select No.
Step 4: Click the Windows button at the lower-left corner of your screen and type msconfig and hit Enter on your keyboard. This should appear:
Go to Startup and unmark the entries that have an unknown manufacturer or are suspicious.
Press the Windows button + R and type notepad %windir%/system32/Drivers/etc/hosts, which opens a window like this:
Step 5: (Before proceeding, be mindful that this step will interfere with system files and registries. And again, if you are not familiar with the realm of computers, you can download SpyHunter.) Click the Windows button on your screen, type Regedit and hit Enter. After that, press Ctrl + F at the same time and type the virus’s name. Right-click and erase the entries you notice that have similar names. Or you can manually go to these directories and uninstall them.
It can be any of them:
HKEY_CURRENT_USER\Software\Random Directory
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\Random
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Random
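Before erasing anything in Step 5, it helps to list what is actually in those three locations. The PowerShell below is an added example, not part of the original article: it only reads the registry, and for each Run entry it also reports whether the file exists and who signed it, which ties in with the "unknown manufacturer" hint in Step 4. The function name Get-CommandTarget is made up for this example.

```powershell
# Read-only review of the per-user registry locations named in Step 5.
# Nothing is changed or deleted; run it as the affected user.
$softwareKey = 'HKCU:\Software'
$runKey      = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'
$ieMainKey   = 'HKCU:\Software\Microsoft\Internet Explorer\Main'

function Get-CommandTarget {
    # Hypothetical helper: pull the executable path out of a Run command line.
    # Handles a quoted path, otherwise takes the text up to the first space,
    # so an unquoted path containing spaces is reported as "file not found".
    param([string]$Command)
    $expanded = [Environment]::ExpandEnvironmentVariables($Command).Trim()
    if ($expanded -match '^"([^"]+)"') { return $Matches[1] }
    return ($expanded -split '\s+', 2)[0]
}

# 1. Programs started at logon from the Run key, with file and signature status.
$report = @()
$key = Get-Item -Path $runKey -ErrorAction SilentlyContinue
if ($key) {
    foreach ($name in $key.GetValueNames()) {
        $command = [string]$key.GetValue($name)
        $target  = Get-CommandTarget -Command $command
        $exists  = [bool]$target -and (Test-Path -LiteralPath $target -PathType Leaf)
        $sig     = if ($exists) { Get-AuthenticodeSignature -LiteralPath $target } else { $null }
        $report += [pscustomobject]@{
            Name       = $name
            Command    = $command
            FileExists = $exists
            Signature  = if ($sig) { $sig.Status } else { 'n/a' }
            Signer     = if ($sig -and $sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
        }
    }
}
$report | Sort-Object Signature | Format-List

# 2. Top-level subkeys of HKCU\Software, to spot a randomly named directory.
Get-ChildItem -Path $softwareKey | Select-Object -ExpandProperty PSChildName | Sort-Object

# 3. Value names under Internet Explorer\Main, to spot a randomly named value.
$ie = Get-Item -Path $ieMainKey -ErrorAction SilentlyContinue
if ($ie) { $ie.GetValueNames() | Sort-Object }
```

Entries whose Signature is not Valid, or whose file no longer exists, are the ones to look at first; a valid signature alone does not prove an entry is harmless.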