Remove W32.Wabot.B Completely - How to, Technology and PC Security Forum |

Remove W32.Wabot.B Completely


with SpyHunter

Scan Your System for Malicious Files
Note! Your computer might be affected by W32.Wabot.B and other threats.
Threats such as W32.Wabot.B may be persistent on your system. They tend to re-appear if not fully deleted. A malware removal tool like SpyHunter will help you to remove malicious programs, saving you the time and the struggle of tracking down numerous malicious files.
SpyHunter’s scanner is free but the paid version is needed to remove the malware threats. Read SpyHunter’s EULA and Privacy Policy

TypeWorm infection.
Short DescriptionThe threat replicates itself and may open a backdoor connection.
SymptomsConnections to foreign hosts. Unfamiliar executable files replicating.
Distribution MethodOnline file sharing software, others.
Detection ToolDownload Malware Removal Tool, to See If Your System Has Been Affected by W32.Wabot.B
User ExperienceJoin our forum to follow the discussion about W32.Wabot.B.

help-removal-sensorstechforumBeware of a worm going by the name of W32.Wabot.B. It is a variant of the wabot family and the worm has been reported to download malicious files on the affected PC from a remote server. Security experts strongly advise users to beware when they use their online file sharing services and also to carefully monitor the web sites they visit. Security experts recommend monitoring active connection from remote hosts to the PC itself. Users are also advised to watch for In case you have this worm, we have provided removal instructions after the article.

W32.Wabot.B – How Did I Get It?

One way to get affected by this worm is by using online file-sharing programs such as DC++ as well as intranet. There is also a possibility that a trojan.downloader may have inserted the threat from a remote location.
A good way to prevent such attacks from entering your PC in the future is to make sure that you use adequate firewall as well the proper protection software, but most of all, you should not in any way leave unfamiliar executable files unchecked. It is advisable to upload such files to online scanners such as that scan the file with multiple definitions and mechanisms.

W32.Wabot.B – More about It

Once launched on the affected computer, the cyber threat replicates its executables with random information embedded up to the ending. Here is an example, provided by Symantec of files that were created in a win32dc folder, located in %Windir%.

BattleField 1942 serial.exe
BattleField 1942(fix).exe
BattleField 1942_serial.exe
DAoC nocd.exe
Doom 3 cheat.exe
Doom 3(cheat).exe
Doom 3_hack.exe
FlatOut crack.exe
Quake3 cheat.exe
Silent Hill 4_cdfix.exe

Judging by the executables the worm targets primarily gamers, but it may also be modified to target other specific groups of users.
Once created copies of itself, the worm then begins looking for files with the word “share” in them and from the following formats as well:


The cyber threat then makes files that contain the absolutely same name and it also creates modifications to make them have the same length. The worm also makes an attempt to connect to – a suspicious IRC server by using a random nickname. What the worm does afterwards is join a channel, going by the name of #vdm in IRC. It is also reported to use the passkey “fuck21”.

After this has been done the worm may be directly controlled with commands from to jumpstart it into acting. It has the capability to:

  • Download files from a backdoor.
  • Collect system information
  • Replicate itself and spread

Removing W32.Wabot.B Completely

In order to fully get rid of this online threat, you should make sure you follow the step by step manual illustrated belwow. What is more, it is highly advisable to employ a powerful anti-malware tool to help prevent further threats and restrict this worm from spreading and installing other malware on the PC.
Experts recommend to not simply look for and delete affected files and objects manually since it is more sophisticated than that. Instead, the connection for the internet should be immediately disconnected to restrict the worm. After this you should follow this manual.

1. Boot Your PC In Safe Mode to isolate and remove W32.Wabot.B
2. Remove W32.Wabot.B with SpyHunter Anti-Malware Tool
3. Remove W32.Wabot.B with Malwarebytes Anti-Malware.
4. Remove W32.Wabot.B with STOPZilla AntiMalware
5. Back up your data to secure it against infections by W32.Wabot.B in the future
NOTE! Substantial notification about the W32.Wabot.B threat: Manual removal of W32.Wabot.B requires interference with system files and registries. Thus, it can cause damage to your PC. Even if your computer skills are not at a professional level, don’t worry. You can do the removal yourself just in 5 minutes, using a malware removal tool.

Ventsislav Krastev

Ventsislav has been covering the latest malware, software and newest tech developments at SensorsTechForum for 3 years now. He started out as a network administrator. Having graduated Marketing as well, Ventsislav also has passion for discovery of new shifts and innovations in cybersecurity that become game changers. After studying Value Chain Management and then Network Administration, he found his passion within cybersecrurity and is a strong believer in basic education of every user towards online safety.

More Posts - Website

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Share on Twitter Tweet
Share on Google Plus Share
Share on Linkedin Share
Share on Digg Share
Share on Reddit Share
Share on Stumbleupon Share