JimboCox
New Contributor
7 years ago

Zbot Notification

Back on January 11th I received a nastygram from Cox stating that one of my computers was infected with the Zbot virus.

So, I ran all of the anti-virus software recommended in the email  (plus a few more) and found absolutely nothing.

To play it safe, I restored my system from an image back-up that was made before Cox notified me of the supposed infection.

What I want to know is exactly what URL was supposedly contacted by my computer to cause Cox to send me the nastygram.

I want to try to track down how this happened and prevent it from happening again in the future.

Contacting the support number in the email was a genuine waste of time.  They could tell me absolutely nothing.

On January 18th, I tried using the online chat service with similar results.

So, I told them I wanted to escalate the matter to tier 2 internet support in Atlanta.

I was given a trouble ticket number and was told that I would be contacted by phone once this issue had been researched.

A week later, I called the number that I was given and was told that it was the wrong number.

I was also told that the trouble ticket was assigned to the wrong support team and had never been worked on!

They transferred me to yet another phone number.  

I asked for the direct number in case I got disconnected and was told that it was available.

So now, I've been on hold for over 30 minutes.

Needless to say, I'm not very satisfied with the customer service that I've received on this matter.

I take security issues seriously.

I'm using McAfee.

Do complete scans with MBAM on a weekly basis.

And, run MRT each month as it becomes available.

I really need to find out how my system became infected with a virus that's been around for years.

Thanks.

JimboCox

3 Replies

  • ChrisL
    Former Moderator
    @JimboCox

    For safety reasons this is not something we would readily share; however, you could try to implement some sort of DNS monitoring at your router and look for unusual requests, which should help you isolate the issue further.

  • Tcox
    New Contributor II

    I have had the same experience. At the least, you would expect to be given an IP address:port of the remote PC being contacted to isolate the problem among potentially dozens of devices. For unknown reasons Cox will not provide this. Malware has become much more sophisticated in recent years, and some variants are said to be able to evade easy detection. Java and Adobe Flash are listed as primary vectors and should be uninstalled if possible. Before you write off the ZBot warning as a false positive, try some of the free tools found at the trusted malware removal sites such as bleepingcomputer or malwareremoval. The tools I have found particularly useful are eset online, rkill, SAS and the FRST diagnostic. For me, MBAM has been one of the least effective in recent years.

    You should also consider the browser as a separate security issue. Refresh your browser whenever you suspect a problem. Also check your router FW and PC BIOS.

  • Malwarebytes!

    Worth every penny. Real-time coverage identifies both outgoing (huh??) and incoming attempts all day.

    My computer once DID get infected while running McAfee. I don't trust it. Even if it is free from Cox.
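One way to do the DNS monitoring ChrisL suggests and to narrow the problem to one device, as Tcox wants. This is an added example, not part of the thread. It assumes the router's resolver is dnsmasq with `log-queries` enabled (the thread names no router), and the heuristic of flagging bursts of failed lookups, the threshold, the function names and the sample log are all constructed here.

```python
import re
from collections import defaultdict

# Line shapes written by dnsmasq with log-queries enabled (assumed resolver).
QUERY = re.compile(r"query\[\w+\] (?P<name>\S+) from (?P<client>\S+)")
REPLY = re.compile(r"(?:reply|cached|config) (?P<name>\S+) is (?P<answer>\S+)")

# Constructed sample log: reserved .example names, made-up LAN addresses.
SAMPLE_LOG = """\
Jan 11 09:00:01 dnsmasq[412]: query[A] www.example.com from 192.168.1.20
Jan 11 09:00:01 dnsmasq[412]: reply www.example.com is 192.0.2.10
Jan 11 09:00:02 dnsmasq[412]: query[A] wwww.example.com from 192.168.1.20
Jan 11 09:00:02 dnsmasq[412]: reply wwww.example.com is NXDOMAIN
Jan 11 09:00:05 dnsmasq[412]: query[A] www.example.com from 192.168.1.31
Jan 11 09:00:05 dnsmasq[412]: cached www.example.com is 192.0.2.10
Jan 11 09:00:07 dnsmasq[412]: query[A] qzkvhw.example from 192.168.1.31
Jan 11 09:00:07 dnsmasq[412]: reply qzkvhw.example is NXDOMAIN
Jan 11 09:00:08 dnsmasq[412]: query[A] pltrxm.example from 192.168.1.31
Jan 11 09:00:08 dnsmasq[412]: reply pltrxm.example is NXDOMAIN
Jan 11 09:00:09 dnsmasq[412]: query[A] hbwcyd.example from 192.168.1.31
Jan 11 09:00:09 dnsmasq[412]: reply hbwcyd.example is NXDOMAIN
""".splitlines()

def per_client(lines):
    """Attribute each lookup, and each NXDOMAIN answer, to the client that asked."""
    asked, failed, pending = defaultdict(set), defaultdict(set), defaultdict(set)
    for line in lines:
        if m := QUERY.search(line):
            name = m["name"].lower().rstrip(".")
            asked[m["client"]].add(name)
            pending[name].add(m["client"])   # reply lines carry no client address
        elif m := REPLY.search(line):
            name = m["name"].lower().rstrip(".")
            for client in pending.pop(name, set()):
                if m["answer"] == "NXDOMAIN":
                    failed[client].add(name)
    return asked, failed

def unusual_clients(lines, min_failed=3):
    """Clients with >= min_failed distinct failed names, and names only they asked for."""
    asked, failed = per_client(lines)
    report = {}
    for client, names in failed.items():
        if len(names) >= min_failed:
            others = set().union(*(n for c, n in asked.items() if c != client))
            report[client] = {"nxdomain": sorted(names),
                              "only_this_client": sorted(asked[client] - others)}
    return report
```

A single mistyped name (the `wwww.example.com` lookup from 192.168.1.20) stays below the threshold, so only the device with repeated failed lookups is reported.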