PDA

View Full Version : Win32.ZBot removal



mapper
2010-02-17, 23:58
Hi,

Can anyone help me get rid of Win32.ZBot? Every time I run a scan with spybot it shows up as present, though ecah time I click 'fix selected problems. the report is:


Win32.ZBot: [SBI $6CF375A8] Settings (Registry value, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit=...C:\WINDOWS\system32\sdra64.exe,...


--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---

2009-01-26 blindman.exe (1.0.0.8)
2009-01-26 SDFiles.exe (1.6.1.7)
2009-01-26 SDMain.exe (1.0.0.6)
2009-01-26 SDShred.exe (1.0.2.5)
2009-01-26 SDUpdate.exe (1.6.0.12)
2009-01-26 SpybotSD.exe (1.6.2.46)
2009-03-05 TeaTimer.exe (1.6.6.32)
2010-02-17 unins000.exe (51.49.0.0)
2009-01-26 Update.exe (1.6.0.7)
2009-11-04 advcheck.dll (1.6.5.20)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2009-01-26 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2009-01-26 Tools.dll (2.1.6.10)
2009-01-16 UninsSrv.dll (1.0.0.0)
2009-10-08 Includes\Adware.sbi (*)
2010-02-16 Includes\AdwareC.sbi (*)
2010-01-25 Includes\Cookies.sbi (*)
2009-11-03 Includes\Dialer.sbi (*)
2010-02-09 Includes\DialerC.sbi (*)
2010-01-25 Includes\HeavyDuty.sbi (*)
2009-05-26 Includes\Hijackers.sbi (*)
2010-02-09 Includes\HijackersC.sbi (*)
2010-01-20 Includes\Keyloggers.sbi (*)
2010-02-09 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2010-02-10 Includes\Malware.sbi (*)
2010-02-17 Includes\MalwareC.sbi (*)
2009-03-25 Includes\PUPS.sbi (*)
2010-02-16 Includes\PUPSC.sbi (*)
2010-01-25 Includes\Revision.sbi (*)
2009-01-13 Includes\Security.sbi (*)
2010-02-10 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2009-11-03 Includes\Spyware.sbi (*)
2010-02-16 Includes\SpywareC.sbi (*)
2009-06-08 Includes\Tracks.uti
2010-02-16 Includes\Trojans.sbi (*)
2010-02-17 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll

mapper
2010-02-19, 14:03
I think this has been resolved by an update to Spybot

THANKYOU!!

mapper
2010-02-19, 16:03
I installed spyhunter 3 after succumbing to a false security alert a few days ago:oops:. It took my money and dealt with the problem but after much reading I decided to remove it this morning using Add/Remiove programs. Within an hour I had a warning purporting to be from my AVG resident sheild saying that it had detected another threat and asking for confimation of actions to remove it. I unhooked the network connection and turnmed the machine off. It is currently running scans in Spybot & AVG and looks OK so far.

when I googled false positives with AVG resident shield I ended up at a site which told me to download Spyhunter 3. I'm concerned that it may have left something on my system to prompt paying for a new copy of their software.

How can I be sure that all traces of Spyhunter are gone?

tashi
2010-02-19, 18:13
Hello mapper,

This is the malware removal forum and the procedure is here:
"BEFORE you POST"(READ this Procedure BEFORE Requesting Assistance) (http://forums.spybot.info/showthread.php?t=288)

Best regards.