How to Remove win32/zbot.g
Langsung saja saya gak pake basa-basi karna ini keadaan darurat...
Laptop kerja saya terkena "semacam" virus win32/zbot.g setelah saya cari info tentang virus yg menyerang komputer sedikit bisa saya kasih penjelasanya di sini :
Spoiler for Trojan-Spy.Win32.Zbot.gen (fs) Information and Removal:
Threat Name : Trojan-Spy.Win32.Zbot.gen (fs)
Category : Trojan
Advice : Quarantine
Description : It injects code from a remote site to steal information from its victims, including cached passwords, login credentials for web sites (chiefly banks) as well as data in certificates and cookies. It has some backdoor functionality and may record keystrokes.
Spam campaign # 1
There are reports that it was distributed through spam email, in some instances as a file purporting to be an airline e-ticket.
Spam campaign # 2
In another instance, it was included in a spam from an alleged United Parcel Service of America as an infected attachment with the file name UPS_NNR01.zip
-------- Original Message --------
Subject: Ninja Killed - Postal Tracking #PSGMR64782BY2C2
Date: Wed, 15 Apr 2009 16:32:50 +0900
From: United Parcel Service of America email@example.com
We were not able to deliver postal package you sent on the 14th of March in time because the recipients address is not correct.
Please print out the invoice copy attached and collect the package at our office.
Your United Parcel Service of America
Spam campaign # 3
In a third campaign in April, 2009, it was being spread as an infected attachment in a spam e-mail, claiming to be an e-payment notification of an order with Amazon.com:
Subject: WorldPay CARD transaction Confirmation
Your transaction has been processed by WorldPay, on behalf of Amazon Inc.
The invoice file is attached to this message.
This is not a tax receipt.
We processed your payment.
Amazon Inc has received your order,
and will inform you about delivery.
This confirmation only indicates that your transaction has been processed successfully.
It does not indicate that your order has been accepted.
It is the responsibility of Amazon Inc to confirm that
your order has been accepted, and to deliver any goods or services you have ordered.
McAfee: Generic PWS.y
We have documented more than 2,700 files related to Trojan-Spy.Win32.Zbot.gen (fs) since it was first detected..
Trojan-Spy.Win32.Zbot.gen (fs) has been known to create the following folders:
C:\Documents and Settings\NetworkService\Application Data\wsnpoem
sumber : http://www.sunbeltsecurity.com/Threa...0347E53186ABD5
Sangat-sangat mengganggu sekali jika Avg security dalam keadanya menyala akan keluar pop up notifikasi tentang adanya virus yang menginfeksi banyak program, setelah saya coba hapus pun masih tetap ada dan menurut saya ini sangat merusak...
saya sudah install ulang windows vista saya sampai 2 kali install tapi masih saja ada.. saya sudah berusaha mencoba men-scan dengan software Malwarebyte's Anti-Malware saat sebelum menulis Thread ini, dan sekarang masih dalam proses scanning dengan hasil sementara Object Infected ada 4.
Tapi virus ini tetap membandel.. sekiranya saya mohon sarannya dari teman teman semua bagaimana caranya mengatasi virus win32/zbot.g ini?