- Connects to the internet without permission
- Shows commercial adverts
- Strange toolbar installed without Your permission
- Slow internet connection
- Annoying Pop-up's
- Slow Computer
Trojan.Spy.ZbotTrojan.Spy.Zbot is vicious Trojan infection that tends to be installed onto a computer via a web browser security exploit, and without the user’s awareness. Once Trojan.Spy.Zbot is installed it begins to download and install additional malware onto the infiltrated system, which may in turn cause serious issues and may render the infected computer useless. All financial and personal data is at serious risk of being stolen, should a computer system have Trojan.Spy.Zbot present. Trojan.Spy.Zbot allows for a remote attacker to gain access to all personal information, which is highly capable of resulting in identity theft. The term Trojan refers to the fact this particular malware, Trojan.Spy.Zbot is installed under deceptive pretences, infiltrating the user’s PC without their approval or knowledge. Trojan.Spy.Zbot is particularly damaging to a computer system, once it has fully embedded itself within the PC’s system, therefore it is given a high priority security risk status by many computer analysts. The fact that Trojan.Spy.Zbot can easily enter any PC system via security exploits and flaws, most times without the user’s interaction, means that it is that much easier for Trojan.Spy.Zbot to enter the system and ensure the system’s security is immensely compromised. Risks which may affect the PC’s system functions include: the opening of illicit network connections, the use of polymorphic tactics to self-mutate, the disabling of already installed security software, modification of system files, and not forgetting the installation of additional malware. The best way to deal with the threat of Trojan.Bunitu is to simply remove it from the affected PC system. |
Download Spyware Removal Tool to Remove*
Trojan.Spy.Zbot
|
|
How to manually remove Trojan.Spy.Zbot
Files associated with Trojan.Spy.Zbot infection:
AcroIEHelpe148.dll
winz2.exe
service.exe
byjqtm.exe
_ex-68.exe
gb.exe
F2D.exe
ntuser32.exe
task.exe
jucheck.exe
rundll32.exe
dosxa.exe
WinAvs.exe
systemntfy.exe
SynNglp.exe
spoolsvr32.exe
ha_server.exe
AcroIEHelpe068.dll
ClamAVFile
questscan146.exe
pciyen.exe
183explorer.exe
cnsm.dll
AcroIEHelpe017.dll
JiurlPortHide.sys
loadnet.exe
frenjrupf6.dll
196126968.exe
shdoflash.dll
qhcohvh.dll
binternet.exe
nspr01.dll
lop32.dll
klif64.dll
facju1.dll
Xvid-Setup-dm-9.exe
questdns.dll
Skype.exe
M3SLSRCH.EXE
gabpath.exe
cssrs.exe
CEC_MAIN.exe
CBA.sys
AcrobatIEReader.dll
wmupdater.exe
updater.exe
tikuj.exe
suvokoobe.exe
pebehohas.exe
korabecap.exe
igfxsc32.exe
fousiw.exe
RegClean.exe
repsvc.exe
10.exe
Bot.exe
acxWILite.dll
eapAuthenticationClock.dll
apc_host.exe
psysnew.exe
svchosts.exe
kb845325.exe
ixi1of3vu8ivw.exe
_ex-08.exe
WebCheck.dll
US30XP.sys
update.exe
umdmgr.exe
tabany.exe
StartService.exe
siskxn32.exe
rqppqp.dll
jdkelj.exe
gotnewupdate000.exe
GoogleUpdate.exe
games.exe
eoo1.exe
6038710071.exe
5a38cf68.exe
59522793.exe
31979.exe
1D.tmp
041.exe
wvmu.exe
CUedca.exe
reset5c.dll
xi27817.dll
winmsne.exe
shdocwv.dll
MsTecs.exe
MsgrUpd.exe
atualizada.sys
yfrfx.dll
xw46792.dll
xln.cpl
wins.exe
winmsnliv.exe
winbudump.exe
winauxp.exe
vdr.dll
usbdata10.sys
updates.exe
upd32.exe
svrwsc.exe
spuninst.exe
SM336_2209.exe
skypexxxxx.exe
shell.exe
oi41636.dll
oa93135.dll
nvsvc32.exe
msftldr.dll
mont.exe
men.dll
mahdtml.dll
ltzqai.exe
kroover.exe
krambst.dll
JSInjector.dll
hbaapiwow.exe
gi22393.dll
geurge.exe
fx10619.dll
flipopia.exe
flashapi.exe
dfrgsnapnt.exe
devconus.dll
cfdrive32.exe
btw_oko.dll
andy142.exe
6to4v32.dll
cb10196.dll
winxpqohb.exe
thris.exe
setup.exe
Keysaver.dll
swapdm.dll
58.tmp
SCVHOST.EXE
termsrv.dll
fuwarxyus.dll
lanmanwrk.exe
Dll.dll
wscrntfy.exe
sysecurex.exe
msnscps.dll
ipv6mons.dll
ipv6monl.dll
installer.exe
hook.dll
dinputb.dll
crtdl.dll
certcl.dll
OKIX.exe
crdisk.exe
winixplore.exe
server.exe
ree2.exe
winlbom.exe
caclsn32.dll
msiead32.dll
msn64.exe
msnmsgr.exe
defrsmgr.dll
lsass.exe
drwaec32.dll
jdt7643.exe
Oldwin2.exe
winhlpj.exe
winhlpf.exe
helper.dll
imola.exe
system.exe
f4.dll
taskenv.exe
winpflbp.exe
winglogon.exe
winntR2.exe
temp01.exe
winnt4.exe
KernelDrv.exe
StormSet.exe
fun.exe
liel.exe
winnt2.exe
qwesddddd.dll
userinit.exe
explora.exe
systeminit.exe
zyndld32080926jt.dll
svrsrn.exe
od3mdi.dll
regsvc32.exe
mdccasys32_080512.dll
msn_livers.exe
winlogon.exe
svteppsk.exe
gbiehdst.dll
astrix.dll
STRWIN32.EXE
wsupd1.exe
Windows32.exe
watchdll.dll
csrss.exe
update01.exe
gmillogof.exe
msn.exe
audiohq.exe
netfx20.exe
win.exe
40518.exe
winagent.exe
hook.exe
services.exe
memaker2.EXE
svchost.exe
winnet.dll
wmiprevse.exe
smss.exe
ree1.exe
smastsj.exe
unchsy.exe
RunDLL31.exe
manleuk.exe
csrcs.exe
winupsbdk.exe
svhost.exe
winhelp32.exe
tjnw.exe
protectgb.exe
orkutkut.exe
ieexplorer.exe
gplan.exe
imglog.exe
ModBrd1.exe
Wapp.exe
System32.exe
krn4.exe
gbiehcef.dll
gbiehbsb.dll
CcEvtSvc.exe
WindowsUpdate.scr
Explorer.exe
iexplore.exe
SISWin32[1].dll
ldr[1].exe
sSSAMBHyv.exe
HxomSMbr.exe
twex.exe
zuk[1].exe
Trojan.Spy.Zbot DLL's to remove:
AcroIEHelpe148.dll
AcroIEHelpe068.dll
cnsm.dll
AcroIEHelpe017.dll
frenjrupf6.dll
shdoflash.dll
qhcohvh.dll
nspr01.dll
lop32.dll
klif64.dll
facju1.dll
questdns.dll
AcrobatIEReader.dll
acxWILite.dll
eapAuthenticationClock.dll
WebCheck.dll
rqppqp.dll
reset5c.dll
xi27817.dll
shdocwv.dll
yfrfx.dll
xw46792.dll
vdr.dll
oi41636.dll
oa93135.dll
msftldr.dll
men.dll
mahdtml.dll
krambst.dll
JSInjector.dll
gi22393.dll
fx10619.dll
devconus.dll
btw_oko.dll
6to4v32.dll
cb10196.dll
Keysaver.dll
swapdm.dll
termsrv.dll
fuwarxyus.dll
Dll.dll
msnscps.dll
ipv6mons.dll
ipv6monl.dll
hook.dll
dinputb.dll
crtdl.dll
certcl.dll
caclsn32.dll
msiead32.dll
defrsmgr.dll
drwaec32.dll
helper.dll
f4.dll
qwesddddd.dll
zyndld32080926jt.dll
od3mdi.dll
mdccasys32_080512.dll
gbiehdst.dll
astrix.dll
watchdll.dll
winnet.dll
gbiehcef.dll
gbiehbsb.dll
SISWin32[1].dll
Trojan.Spy.Zbot processes to kill:
service.exe
byjqtm.exe
_ex-68.exe
gb.exe
F2D.exe
ntuser32.exe
task.exe
jucheck.exe
rundll32.exe
dosxa.exe
WinAvs.exe
systemntfy.exe
SynNglp.exe
spoolsvr32.exe
ha_server.exe
questscan146.exe
pciyen.exe
183explorer.exe
loadnet.exe
196126968.exe
binternet.exe
Xvid-Setup-dm-9.exe
Skype.exe
gabpath.exe
cssrs.exe
CEC_MAIN.exe
wmupdater.exe
updater.exe
tikuj.exe
suvokoobe.exe
pebehohas.exe
korabecap.exe
igfxsc32.exe
fousiw.exe
RegClean.exe
repsvc.exe
10.exe
Bot.exe
apc_host.exe
psysnew.exe
svchosts.exe
kb845325.exe
ixi1of3vu8ivw.exe
_ex-08.exe
update.exe
umdmgr.exe
tabany.exe
StartService.exe
siskxn32.exe
jdkelj.exe
gotnewupdate000.exe
GoogleUpdate.exe
games.exe
eoo1.exe
6038710071.exe
5a38cf68.exe
59522793.exe
31979.exe
041.exe
wvmu.exe
CUedca.exe
winmsne.exe
MsTecs.exe
MsgrUpd.exe
wins.exe
winmsnliv.exe
winbudump.exe
winauxp.exe
updates.exe
upd32.exe
svrwsc.exe
spuninst.exe
SM336_2209.exe
skypexxxxx.exe
shell.exe
nvsvc32.exe
mont.exe
ltzqai.exe
kroover.exe
hbaapiwow.exe
geurge.exe
flipopia.exe
flashapi.exe
dfrgsnapnt.exe
cfdrive32.exe
andy142.exe
winxpqohb.exe
thris.exe
setup.exe
lanmanwrk.exe
wscrntfy.exe
sysecurex.exe
installer.exe
OKIX.exe
crdisk.exe
winixplore.exe
server.exe
ree2.exe
winlbom.exe
msn64.exe
msnmsgr.exe
lsass.exe
jdt7643.exe
Oldwin2.exe
winhlpj.exe
winhlpf.exe
imola.exe
system.exe
taskenv.exe
winpflbp.exe
winglogon.exe
winntR2.exe
temp01.exe
winnt4.exe
KernelDrv.exe
StormSet.exe
fun.exe
liel.exe
winnt2.exe
userinit.exe
explora.exe
systeminit.exe
svrsrn.exe
regsvc32.exe
msn_livers.exe
winlogon.exe
svteppsk.exe
wsupd1.exe
Windows32.exe
csrss.exe
update01.exe
gmillogof.exe
msn.exe
audiohq.exe
netfx20.exe
win.exe
40518.exe
winagent.exe
hook.exe
services.exe
svchost.exe
wmiprevse.exe
smss.exe
ree1.exe
smastsj.exe
unchsy.exe
RunDLL31.exe
manleuk.exe
csrcs.exe
winupsbdk.exe
svhost.exe
winhelp32.exe
tjnw.exe
protectgb.exe
orkutkut.exe
ieexplorer.exe
gplan.exe
imglog.exe
ModBrd1.exe
Wapp.exe
System32.exe
krn4.exe
CcEvtSvc.exe
Explorer.exe
iexplore.exe
ldr[1].exe
sSSAMBHyv.exe
HxomSMbr.exe
twex.exe
zuk[1].exe
Remove Trojan.Spy.Zbot registry entries:
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ systeminit.exe
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\NOTIFY\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\ a4hc
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\NOTIFY\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\ GbiehAbn
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\NOTIFY\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\ GbiehBsb
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\NOTIFY\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\ GbiehCef
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\USERINIT\ userinit
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7AD924F3-6353-4f92-B034-A900434ECCAF}
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BE756CFF-ADB4-4bc5-A35F-19E546E5710E}
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ netnt
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ 2krn
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ 3krn
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ ANT
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ AudioHQ
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ AutoNewUpdate
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ csrss
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ Explorer
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ fun
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ GlobalFlagimglog
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ Hook
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ KernelDrv.exe clean
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ krn
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ LIEL
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ Microsoft Internet Agent
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ ModBrd1
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ mservices
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ msmmsgr
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ Msn 8.0 Live
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ MSNtool
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ msn_livers
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ MyProgram
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ NAVUpdater
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ NAVUpdater32
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ OldDog
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ orkutkut
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ Protector GB
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ pst
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ services
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ Servs Mast System
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ smss
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ StormCodec_Helper
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ SVC service
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ svchostmp
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ svchost_sprn.exe
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ svhost
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ Symantec Fillter Check
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ SymantecFilterCheck
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ sysclean
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ SysCom
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ System32
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ TechZonne
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ TJNW
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ Universal Channel System
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ Wapp
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ Windows Movie Maker
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ Windows32
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ WindowsUpdate
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ WinLive
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ winnt2
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ winnt4
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ winntR2
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ WinService32
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ WinUpdate
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ wmiprevse
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Card Adapter
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CcEvtSvc
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WINSOCK2\PARAMETERS\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catal
RUNNING PROGRAM\csrcs.exe
RUNNING PROGRAM\Explorer.exe
RUNNING PROGRAM\manleuk.exe
RUNNING PROGRAM\STRWIN32.EXE
RUNNING PROGRAM\svteppsk.exe
RUNNING PROGRAM\WindowsUpdate.scr
RUNNING PROGRAM\winlbom.exe
RUNNING PROGRAM\winlogon.exe
RUNNING PROGRAM\winnt2.exe
RUNNING PROGRAM\winntR2.exe
RUNNING PROGRAM\winpflbp.exe
RUNNING PROGRAM\winupsbdk.exe
SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices "Windows Security Center Notification Applsee"
Comments
good