Backdoor:Win32/Zonebac.B Woes

By academydanielle
Jan 4, 2008
  1. HI there! I'm a first time poster and a total newbie to all this... but I saw your response to Help_plz who had the same issue as me... Windows Defender kept detecting Backdoor:Win32/Zonebac.B at every startup. I tried to tell Defender to remove it, but it only seemed to quarantine. This is a company laptop (a small high school) and it looks like someone probably clicked some bad link a long time ago. The computer was loaded with Windows Security, Windows Defender, and MicroTrend OfficeScan Client. Looks like it has a firewall, but the firewall has been disabled and as I am not an administrator, I can't enable it. (Or is that a symptom of the virus??)

    So I saw your response to Help_plz and have already done the following:
    - Chose to clean, rather than reformat because it seems like our company internet firewall and my home firewall likely offered some protection from things getting too ugly, and I'm not an administrator and don't feel comfortable doing something as drastic as a reformat.
    - Followed the preliminary instructions as posted:
    -- Didn't install more spyware or firewall, since it told me not to (hope that was right, since our firewall wasn't working so well)
    -- Tried the online scan, but it kept stalling out- so I skipped it per the instructions.
    -- Followed through steps 11 as instructed with no problems.
    -- The anti-root kit detected no issues.

    I'm a little unclear-- am I supposed to start with step 12 now, or wait for your instruction?
    Also- I read ahead to Step 15... when/if I get there, am I supposed to run Hijackthis or the renamed crusty.exe?

    Thanks... Sure hope I've not done anything too stupid!

    System specs as best as I can put them together...
    Dell Latitude D 620
    Genuine Intel(R) CPU
    T2300 @ 1.66GHz (Dual)
    981 MHz, 504 MB of RAM
    Physical Address Extension
    Microsoft Windows XP Professional 2002- Service Pack 2
    Hitachi HTS541040G9SA00
    Conexant HDA D110 MDC V.92 Modem
    Broadcom NetXtreme 57xx Gigabit Controller
    Dell Wireless 1390 WLAN Mini-Card
    02Micro OZ6912/601/711EO CardBus/SmartCardBus Controller
  2. academydanielle

    academydanielle TS Rookie Topic Starter

    Hi all- I'm still hoping to get some help on this matter.... I'm new and was a bit afraid to repost, but Kimsland suggested I throw myself at your mercies again, so here goes. Sure would love some help!
  3. academydanielle

    academydanielle TS Rookie Topic Starter

    Here are my logs

    I'm really hoping someone can help. Note- When I first ran the AVG scan, I thought I had done the quarantine thing, but I hadn't... that log had 8 items it didn't like, but took no action (because I was an *****.) When I re-ran the scan, there were no items. Is that weird? I even rescanned-- still... nothing. If you want me to post the other report, I will- but I didn't because of the sort of angry warning not to.
    Also- antiroot kit showed nothing.
  4. academydanielle

    academydanielle TS Rookie Topic Starter

    Can I please please get some help?? Please?

    I think I've followed all of the protocol required by this site. I also think I was pretty self-reliant in following the 15 step preliminary removal program on the site. I introduced myself. I listed the system specs of the computer I'm working on. I tried to make a title that was accurate and relevant. I didn't type in all caps. I've waited 24 hours before boosting my thread. I posted my logs and tried to be as descriptive as possible about my problem.

    And yet nobody's replied to this thread but me. What have I done wrong?

    And since it's been days since I did the 15 steps, am I going to have to redo them? I need to return this laptop to school- and now it's in limbo.

    Have I offended the boards in some way? I'm baffled.

    Can someone please take pity on this trojan-heavy newbie?
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...