The Mudcat Café TM
https://mudcat.org/thread.cfm?threadid=139257
10 messages

BS: Tech..virus Win32/Zbot.G

21 Jul 11 - 01:04 PM (#3192077)
Subject: BS: Tech..virus Win32/Zbot.G
From: Andy Jackson

I seem to keep getting this virus come up on AVG. When I try and find the file it says folder empty. Is this because AVG has done its job or am I going up the garden path?
If you really can't sleep the full route is:
c:\System Volume Information\_restore{D762003B-FFD4-4D45-83D8-7555FD50B277}\RP45\A0005010.dll and Virus identified as Win32/Zbot.G

I reinstalled Windows (XP) last time, as things just got worse and worse and bits started dropping off!!!!


21 Jul 11 - 01:30 PM (#3192089)
Subject: RE: BS: Tech..virus Win32/Zbot.G
From: olddude

Try downloading and running this tool from Microsoft. It works; I have removed the exact same virus from a friend's PC.
onecare scanner


21 Jul 11 - 01:33 PM (#3192091)
Subject: RE: BS: Tech..virus Win32/Zbot.G
From: olddude

By the way, AVG just doesn't do its job ... I hate that program. Download and use Microsoft Security Essentials ... that is a free program that does work.


21 Jul 11 - 01:55 PM (#3192107)
Subject: RE: BS: Tech..virus Win32/Zbot.G
From: Andy Jackson

Thanks for that advice. I've downloaded it and run a quick scan...nothing found. But I will run a deep scan overnight as well.
I'll keep you informed.
Thanks again.


21 Jul 11 - 01:58 PM (#3192109)
Subject: RE: BS: Tech..virus Win32/Zbot.G
From: Andy Jackson

I agree that AVG is not what it was. I swapped to MS on my tower PC and it seemed very good. But that died a few days ago and I am trying to sort my laptop until I can get to repairing big box.


21 Jul 11 - 06:04 PM (#3192237)
Subject: RE: BS: Tech..virus Win32/Zbot.G
From: JohnInKansas

If you watch the "rankings" frequently published by tech media, you'll know that no AV program stays at the top of the list for very long. The better selection method is to look for one that stays consistently near the top over a longer time.

AVG has bounced between "best" and "unacceptable" in some lists over the past year or so. There seems also to have been a chasm opening between the "free" version(s) and the better paid version. Ratings for the paid AVG versions reviewed have remained good enough to be "probably acceptable" so far as I've noticed, but there have been few recent recommendations for the freebie. Not all reviews tell you clearly whether they're talking about the free or paid version(s).

So far as I've seen reports on it, Microsoft runs their "Malware Remover" pretty much with every patch download. The Remover gives them a good report of what malware is in current circulation so that their more general protection utilities can concentrate on what's a real and current threat. There have been objections that they may miss some "old stuff," that seems to circulate forever from reservoirs of infected machines that never run anything; but the objections have been "pretty weak," for the current Microsoft protection kits. The Microsoft stuff appears to be a lot better than it was some months ago when it was considered "bare essentials" protection.

A difficulty we run into now is "too many" sources that want to "automatically add" their defenses for you, so it's easy to get protectors protecting you from your other protections.

John


21 Jul 11 - 07:33 PM (#3192279)
Subject: RE: BS: Tech..virus Win32/Zbot.G
From: bobad

I found this on Malwarebytes Forum:

Posted 15 April 2011 - 01:07 AM
Hi and welcome to Malwarebytes.

A Zbot detection is a backdoor trojan. A backdoor severely compromises system integrity.

A compromised system may allow illicit network connections, disabling of security software, modifying critical system files and collection and transmission of personally identifiable information without your consent.

I recommend that you disconnect this PC from the Internet immediately, and only reconnect to download any tools that are required. If you do any banking or other financial transactions on the PC or if it contains any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the Trojan has been identified and can be killed, because of its backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of Trojan, the best course of action would be a reformat and reinstall of the OS. If it were on my PC I would not hesitate for a moment to do so. Please read these for more information:

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

When Should I Format, How Should I Reinstall

Should you decide not to follow that advice, we will of course do our best to clean the computer of any infections that we can see but, as I already stated, we can in no way guarantee it to be trustworthy.

Should you have any questions, please feel free to ask.

Let me know what you decide.
Chris Fistonich
Consumer Support Specialist


21 Jul 11 - 07:39 PM (#3192282)
Subject: RE: BS: Tech..virus Win32/Zbot.G
From: bobad

If you go to START / RUN and type in mrt you will access the Microsoft Malicious Software Removal Tool which gives you a list of the malware it detects and removes. In the list is included the Win32/Zbot -- you might want to give that a try to see if it picks it up.


21 Jul 11 - 08:03 PM (#3192304)
Subject: RE: BS: Tech..virus Win32/Zbot.G
From: bobad

Useful information from Microsoft on Win32/Zbot.G in particular and Win32/Zbot in general:

http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=PWS%3AWin32%2FZbot.G


22 Jul 11 - 06:43 AM (#3192530)
Subject: RE: BS: Tech..virus Win32/Zbot.G
From: Andy Jackson

GONE !!

MS Security Essentials now installed.