For the Cigar Loving "Tech Geeks "...

[El Presidente]

I have a possible Zeus Trojan on my Laptop. Yes, I run anti Virus and have run a Malwarebytes scan. Clean.

This is a hard Trojan to eliminate/quarantine.

How do I terminate this bug? How do I know when it is gone?

Any help much appreciated

[OZCUBAN]

I would buy a Mac

Sorry rob pc viruses are not my area of expertise

Cheers OZ

P.s stay away from porn sites

[PigFish]

Buy a Mac!

Don't send me any email... Oh... Call Ken, I hear he is tech savvy! -LOL

Sorry about your dilemma Mate; I don't have a clue, but you knew that already.

I have found that there are specific solutions for some of these viruses. Sometimes a google for the virus or a search at the anti-virus site will yield a manual removal solution for your problem. I have done this before with PC bugs and it has worked for me. That is the best I can do Amigo, good luck. -R

[Habanakane21]

I would buy a Mac

Sorry rob pc viruses are not my area of expertise

Cheers OZ

P.s stay away from porn sites

I love my MacBook...never...ever a problem. Sorry to hear about that Trojan Rob. I've been reading about that damn thing. It's a big pain in a lot of people's butt.

[MrGlass]

The quick research I've done on this seems to contradict itself. Some places say that an anti-virus scan will remove it, other say not. The fact that it sounds like it is constantly being changed seems to suggest that an anti-virus wouldn't be something I'd depend upon.

Even the guides on trying to manually remove it are lacking in detail and only provide pointers rather than a step-by-step approach.

If it was me in this situation, even if I worked through all of the above, I still wouldn't trust that it was completely gone. As such, I would save the time and effort of trying to fix the problem and instead spend that time preparing to format and reinstall.

This is only my two cents.

Good luck.

Nick.

[OZCUBAN]

Is reformatting hard drive an option?

But then you need to know where virus is hiding so you do not put it back on again hope this helps

[mkz]

Try making a sweep with Spybot Search & Destroy: http://www.filehippo.com/download_spybot_search_destroy/

Have used it sucessfully in the past but no guaranties mate...

For safe browsing in the future I recommend Kaspersky Internet Security and Firefox browser.

[MrGlass]

Is reformatting hard drive an option?

But then you need to know where virus is hiding so you do not put it back on again hope this helps

It seems to hide as an executable with settings hidden in the registry.

If you're not backing up executables, I wouldn't imagine it to be a problem. And given that most of the things people want to backup are documents and media, this shouldn't be a hassle.

[CanuckSARTech]

I have an HP, Windows Vista.

I have/run AVG anti-virus. I've had a few trojans come in before, but this system has worked well, stopped everything in it's tracks, no data loss/damage. You can get a freeware version of their program at grisoft.com, or something like that.

[El Presidente]

I use firefox

Try making a sweep with Spybot Search & Destroy: http://www.filehippo.com/download_spybot_search_destroy/

Have used it sucessfully in the past but no guaranties mate...

For safe browsing in the future I recommend Kaspersky Internet Security and Firefox browser.

[CanuckSARTech]

What's your anti-virus software, and is it fully up-to-date?

[El Presidente]

It seems to hide as an executable with settings hidden in the registry.

If you're not backing up executables, I wouldn't imagine it to be a problem. And given that most of the things people want to backup are documents and media, this shouldn't be a hassle.

Cheers for that. We backup MYOB daily but outside of that bugger all.

[El Presidente]

What's your anti-virus software, and is it fully up-to-date?

I run Sophos AV. All up to date.

The Zeus apparently gets passed most AV (not picked up)

[rckymtn22]

Try running Trend Micro House Doctor. It is a free online virus scanner that I use once a month to check my systems.

Good luck

[PigFish]

While this is not on topic, I have found that when I go to undertake a reformat project on a HDD it is often better to start with a new drive and keep the old drive intact for future use or reference until I know that I no longer need the data. When you can buy a new 320GB drive for $40 bucks you can build a new drive up and keep your old one to reference if you have to. Just an idea if you think you are going to scrub the drive and start over. -R

[CanuckSARTech]

I run Sophos AV. All up to date.

The Zeus apparently gets passed most AV (not picked up)

I'm telling ya, try downloading/installing AVG. I had a potential infection from this damn thing last fall, and that system seemed to pick it up and fry it.

It's a fully supported, free anti-virus software. Just google AVG, and you'll find it. Free - so it doesn't cost you a thing to give it a shot.

[CanuckSARTech]

Try running Trend Micro House Doctor. It is a free online virus scanner that I use once a month to check my systems.

Good luck

HouseCall is horrible - just a ploy to get you to buy their Trend anti-virus. I've had it check just recently reformatted and clean removable hard drives in the past, and it throws up all these fake red flags.

I find Trend and Symantec/Norton to be the equivalent of the U.S. Homeland Security "Threat Level" warning system - all bluster, don't come out from under your shells, duck and cover everyone!

[jacksfull]

I run 5 or 6 different scans on a regular basis and each one seems to pick up something different. Some of these may be getting long in the tooth, but I've used:

Spyware Doctor

Malwarebytes

AVG

Avast

SuperAntiSpyware

Spybot

Ewido

CCleaner

Ad-Aware

I don't think you can count on just one all the time.

[ashen]

You might want to try Spybot S&D and/or revert back to a copy of your files by restarting your computer, pressing F8 and going back to a save file that was before the trojan got installed. This assumes you are using Windows. Reverting back to an older version will take care of a lot of the stuff that is hidden somewhere in your startup.

[MIKA27]

I have a possible Zeus Trojan on my Laptop. Yes, I run anti Virus and have run a Malwarebytes scan. Clean.

This is a hard Trojan to eliminate/quarantine.

How do I terminate this bug? How do I know when it is gone?

Any help much appreciated

Hi Prez.

As you are probably well aware, the Zeus Trojan is 'spyware' and whilst it is harmless in many aspects, it is spyware afterall.

The Zeus Trojan normally writes itself into the boot sectors of the C: and A: disks.

Removing a Zeus Trojan manually can be difficult and risky to your computer.

Step 1 : Use Windows Task Manager to Remove Zeus Trojan Processes

Remove the "Zeus Trojan" processes files:

088709.exe088709.exe

Step 2 : Detect and Delete Other Zeus Trojan Files

Remove the "Zeus Trojan" processes files:

088709.exe

[mkz]

I use firefox

Frequent visits to various porn sites isnt recommended either...

[LeafLover]

Try running Trend Micro House Doctor. It is a free online virus scanner that I use once a month to check my systems.

I use Trend Micro for my operations. Very satisfied with it. Was turned on to it by my cousin who is on the IT dept for an international law firm with some heavy hitting clients. So, I'm sure they did their research on what kind of anti-virus/spyware to use. Of course my version is probably not as complete as theirs.

Good luck nevertheless. I'm not a techy, but maybe you should back up all your data before you start cleaning up the mess.

Oh, and yah, Mac all the way.

[investandprosper]

Hey Prez, have you had any luck? I do this for a living and may be able to walk you through it if it is still in your system.

[El Presidente]

Hey Prez, have you had any luck? I do this for a living and may be able to walk you through it if it is still in your system.

I appreciate all the help both in this thread and the 23 PM's

if you can, PM me a step by step walk through process. It is on one or more of 3 PC's in here. It does not affect e-mail but I want to ensure no facet remains. Much appreciated!

[CanuckSARTech]

So, uh, which computer runs our payment processing then????