Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Win32/Zbot.E & VBS/Generic Virus??

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: Win32/Zbot.E & VBS/Generic Virus??

Unread postby will-i-ams » November 3rd, 2010, 11:08 am

Hello. Sorry to hijack your thread but I've got a quick question if I may.

I have the exact same problem as Jon14 (so I feel your pain), however, I have the "luck" that mines an extremely old machine that was given to me and I don't really mind if I lose everything thats on there. Would re-formating my hard drive and re-installing Windows completely solve the issue, or would I be better off binning the whole thing and getting a probably much needed upgrade
will-i-ams
Active Member
 
Posts: 2
Joined: November 3rd, 2010, 10:49 am
Advertisement
Register to Remove

Re: Win32/Zbot.E & VBS/Generic Virus??

Unread postby Gary R » November 3rd, 2010, 12:36 pm

Normally I'd tell you to start your own thread, however since this one is practically closed and since your question is easily answered I'll reply.

Yes a reformat of your hard drive and re-install of Windows will clear your computer completely of infection. Whether you'd be better updating to a new machine only you can answer.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21868
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Win32/Zbot.E & VBS/Generic Virus??

Unread postby will-i-ams » November 3rd, 2010, 12:45 pm

Thank you for your reply and the advice
will-i-ams
Active Member
 
Posts: 2
Joined: November 3rd, 2010, 10:49 am

Re: Win32/Zbot.E & VBS/Generic Virus??

Unread postby Gary R » November 3rd, 2010, 1:11 pm

You're welcome. :)
User avatar
Gary R
Administrator
Administrator
 
Posts: 21868
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Win32/Zbot.E & VBS/Generic Virus??

Unread postby Jon14 » November 3rd, 2010, 3:51 pm

An update for you and anyone else who's been reading this (seems like much more views than normal):

So I was almost finished backing up my second (and final) drive, when another balloon came up saying "windows has expired". Nothing happened though, and I was able to backup the rest. Just as I was backing up the final 100 GBs or so, I started running into "Cyclic Rendundancy Check" errors and other similar errors. Eventually the computer froze (rare for me) and I was forced to restart. And guess what, Windows refused to turn on without "being activated". So now with 100GBs left to backup on my second drive, I think I am best off unplugging this drive and just reformatting my main drive. Then when I do that I will put in the second drive, backup the rest, and reformat the whole thing. My only problem now is finding the XP disc. I will let you know how this all finally turns out in a day or a few.
Jon14
Regular Member
 
Posts: 35
Joined: April 22nd, 2010, 1:28 pm

Re: Win32/Zbot.E & VBS/Generic Virus??

Unread postby Jon14 » November 5th, 2010, 10:10 pm

I figure I should give another update, but still not done. After days of work on backing up, I have completely reformatted the Drive C. Then I plugged my secondary drive in and am currently backing the rest of that one up. When I am done, I will probably format the secondary drive and then do a final reformat of the C Drive to make 100% sure nothing is still there. I should mention though, a single reformat for me took 4 hours. I will let you all know how this turns out by the end of tomorrow or the next day. Also, when I first came onto the forums, I had another laptop that had problems (definately not as bad as this computer). Would I have to make a new thread or can I discuss that one in here?
Jon14
Regular Member
 
Posts: 35
Joined: April 22nd, 2010, 1:28 pm

Re: Win32/Zbot.E & VBS/Generic Virus??

Unread postby Gary R » November 6th, 2010, 5:35 am

Thanks for the update, sorry your re-format took so long, that's the unfortunate disadvantage of having large disks and lots of data.

Best if you start a new topic for your other laptop, it keeps the forum "paperwork" tidy. :)
User avatar
Gary R
Administrator
Administrator
 
Posts: 21868
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Win32/Zbot.E & VBS/Generic Virus??

Unread postby Jon14 » November 8th, 2010, 11:43 am

Alright, so I think i'm FINALLY done with this mess. The second reformat didn't take nearly as long, but it was all the updating/installing of windows/other programs that took a long time. Both drives are completely cleared and I have begun the process of putting my files back (a lot less this time around). I have scanned the 3 external drives (that my files were put on) with a few different scans and nothing was found. I believe i'm done here, and went out and got Norton Internet Security 2011 whichis supposed to be pretty good. Hopefully this is it for a while for me, as it seems once a year I get a big issue, just this being the worst.

Thanks so much again, your help was pretty much the main reason I was able to do all of this!
Jon14
Regular Member
 
Posts: 35
Joined: April 22nd, 2010, 1:28 pm

Re: Win32/Zbot.E & VBS/Generic Virus??

Unread postby Gary R » November 8th, 2010, 7:00 pm

You're welcome, sorry we couldn't do more to help you. Below is a set of security recommendations I usually give to someone when their computer is clean.

Before I make any recommendations, I'd like to give a simplified overview of how your defensive systems work and what you can do to protect yourself better in future.

The average home computer has approximately 64,000 ports through which it can communicate. By default these ports are open and can be used by any programme which cares to access them, either from within the computer or from without. If you were to go online with a computer in this condition you would quickly be attacked and your computer would be infected.

To prevent this you install a Firewall. A firewall will close all open ports and you then open the ones you need by setting "rules" for them according to the instructions supplied with the Firewall programme. Usually you will have ports open for your Internet Browser, your e-mail client, and the update functions for various programmes.

These "open" ports will not be fully accessible, in that they will only allow a communication if it was instigated from within your computer. Any unsolicited communications from outside are blocked.

However if you are tricked into starting the communication, then as far as your Firewall is concerned it is a legit transaction and it will open the port. So by clicking on malicious links, replying to unsolicited e-mails and attachments, and downloading from unsafe sources, you are effectively bypassing any protection your Firewall supplies.

At this point your Anti-Spyware and Anti-Virus programmes take over. The real-time-protection in these constantly scan the data stream in your open ports looking for things that match with items in the database they have within them. If they find something then they will alert you, or quarantine it, or delete it, according to the rules set within the programme.

However as you can see, if the database does not contain details of the infection that's attacking you, then your Anti-Virus or Anti-Spyware programmes will not protect you. There are new infections (or new variations of old infections) created every day, which is why it's vital to keep your programmes up to date. Even with a fully updated database though, you are still playing catchup, which is why your Firewall, Anti-Virus and Anti-Spyware programmes cannot ever give you 100% protection.

Adding more and more programmes will not give you more and more protection, it's up to you to take some responsibility for your online actions, and modify them to give your programmes the best chance of protecting you.

Be careful what you click on.
  • Don't download anything from a site you do not know and trust. Remember, there's no such thing as a free lunch, if something seems too good to be true it is. Malware purveyors love to offer out freebies as bait knowing full well that one unguarded click is all it takes.
  • Don't reply to unsolicited e-mails.
  • Don't open e-mail attachments (even from friends) without checking with the source to ensure they actually sent them.
  • Don't use P2P file sharing programmes. Even the ones that don't come bundled (and many do) are not safe. By using them you are effectively downloading from an unknown source, with all the dangers described above.


OK, so how do we set about protecting you.

You should definitely have one of each of the following programmes.
  • Firewall
  • Anti-Virus
  • Anti-Spyware
You do not need more than one of each. More than one will cause conflicts, and will not improve your security.

If you don't already have them, then these are links to lists of free programmes.
You'll increase your chances of not getting infected if you don't land on an infected website in the first place.

There are a couple of ways to do this
  • Block access to sites known to spread Malware.
  • Give you clear indication of which they are, so that you can make choices.
To block access to known bad sites we use a Hosts file.
Download HostsXpert and unzip it to your computer, somewhere where you can find it.
  • Double click on HostsXpert.exe to launch the programme.
  • Check to see if top button on left hand side says Make Writable ?
    • If it does. click on it then proceed to next instruction.
    • If not, just proceed to next instruction
  • Click on the Download button (lower left hand side)
    • Click on MVPs Hosts... button.
    • Click on Replace button.
    • Press OK in the box that pops up. (HostsXpert will now download and update your Hosts file)
  • When finished.
    • Click on File Handling button.
    • Click on Make Read Only ? to secure it against infection.
  • Exit the programme.

To give you an indication of which sites may contain bad links or suspect downloads I like to use WebOfTrust (WOT)

Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam, by rating over 21 million websites, helping you avoid the dangerous sites:
  • Green, are OK.
  • Yellow, visit with caution.
  • Red, known to be risky.

WOT has an addon available for both Firefox and IE.

Remove known vulnerabilities
  • Update your Java.

    Obviously since you've re-formatted you won't have any old versions of Java installed, so you just need to download and install Java Runtime Environment (JRE) 6 Update 22.
  • Update Windows and Internet Explorer It is essential you keep your Operating System up to date with all the latest patches. The bad guys watch for the latest exploits, as soon as Microsoft brings out a patch, the bad guys will bring out an infection to exploit that vulnerability. If you don't have all the latest patches your computer is vulnerable. Please go to the windows update site and get the critical updates.
  • Use a "secure" browser Install Internet Explorer 8 or an alternative browser like Firefox or Opera for more secure surfing.
    Please remember that there is no such thing as a totally secure browser. Your browsing habits will be the major factor in determining just how safe you are online. If you visit, Crack/Warez sites, Porn sites, or other sites of a questionable nature, you still run a severe risk of getting infected.
  • Do not use P2P file sharing programmes I'd like you to read the Guidelines for P2P Programs where it's explained why it's not a good idea to have them.

    My recommendation is you go to Control Panel > Add/Remove Programs and uninstall any P2P programs you have installed.
  • Obviously you have already taken care of some of the issues mentioned, but it is important that you read through them, and address any that you may have missed.

Here's links to a few articles which are worth reading


This topic is now closed.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21868
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire
Advertisement
Register to Remove

Previous

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 60 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware