Loading Profile...
trojan-spy.win32.zbot.gen .. persistant after several cleanings/removals
This little beast and another one called trojan.crypt.morphene.gen just won't stay gone!
The first sign of it was vipre alerting that it had blocked the file "sysguard.exe" from running.
Clicked OK then saw the little red security shield load on the taskbar with the balloon tip that threats were found on the machine...but then it was gone. I figured vipre stopped it and we were ok..
Did several deep scans but it was always found again. Did a deep scan in safe mode and it still was there again after that, this includes several reboot scans as well.
I have over 9mb of logs to send in, I just need a ticket number to associate it with.
The logs themselves have a lot of Chinese characters in them, that can't be good either.
I've even booted to a live cd and went in to manually delete "sdra64.exe" and it's not there.
I can see in the logs where vipre reports it's not found...but the scan details point to this file being the source.
I'm going to see if Eset has anything that will kill this.
I think my wife got this from a facebook app. It's the only thing she uses the computer for.
-Gordon
The first sign of it was vipre alerting that it had blocked the file "sysguard.exe" from running.
Clicked OK then saw the little red security shield load on the taskbar with the balloon tip that threats were found on the machine...but then it was gone. I figured vipre stopped it and we were ok..
Did several deep scans but it was always found again. Did a deep scan in safe mode and it still was there again after that, this includes several reboot scans as well.
I have over 9mb of logs to send in, I just need a ticket number to associate it with.
The logs themselves have a lot of Chinese characters in them, that can't be good either.
I've even booted to a live cd and went in to manually delete "sdra64.exe" and it's not there.
I can see in the logs where vipre reports it's not found...but the scan details point to this file being the source.
I'm going to see if Eset has anything that will kill this.
I think my wife got this from a facebook app. It's the only thing she uses the computer for.
-Gordon
1
person has this question
I have this question, too!
Tell me when someone answers.
The more people who ask this question, the more it gets noticed.
The more people who ask this question, the more it gets noticed.
Create a customer community for your own organization
Plans starting at $19/month
-
Inappropriate?Gordon, thank you for posting.
It'd be best if you contact us directly by emailing support@sunbeltsoftware.com. We'll need to collect some diagnostics from VIPRE as well as some other logs. One of our malware specialist can assist you in removing any traces that VIPRE may be having trouble removing.
