Zbot Attack of Yahoo Answers

During the past several days, Yahoo Answers  (<–The Real YA)has been plagued with posters(Bots) of  malicious URL’s in answers which leads to a FAKE Yahoo Answers site(See Below)

Which prompts you to download or downloads a answers.exe file which is detected and removed by Malwarebytes’ Antimalware (See Below)(Click to enlarge Pics)

Infected File paths

VirusTotal Report-11 /43 (25.6%)

MD5   : 69522273a49d3053bd8d7d4b5ca379e5

Comodo Malware Analysis

Notes: IE 9 and FF would NOT ALLOW this file to download, :) . Google Chrome let it run with no prob, :(

This infection also changes the settings to use a Proxy Server. Please try the following to correct this

  • Open Internet Explorer
  • Note: It MUST be Internet Explorer, not Firefox, Opera, Chrome or any other internet browser
  • Click on Tools at the top and select Internet Options
  • Note: If you do not see Tools, press the Alt key on your keyboard and it will show up
  • Click on the Connections tab
  • Click on the LAN settings button
  • Under Automatic configuration make sure that the box next to Automatically detect settings is checked, if it is not, then click the box next to it to check it
  • Click on the OK button to close the Local Area Network (LAN) Settings window
  • Click on the OK button to close the Internet Options window
  • Use this diagram as a guide

Y’all be Safe Out There Please !

If your current security solution let this infection through, you might please consider purchasing the

FULL version of  Malwarebytes’ Anti-Malware


Posted May 23, 2011 by Wide Glide in Virus Removal

All Things Equal

A fine WordPress.com site

Everything Anti-Malware!

Reviews, Step-by-Step Guides,Toolkits and News

TechNet Blogs

Malware Removal

SUPERAntiSpyware Blog

Malware Removal

Security Garden

Malware Removal


Malware Removal

miekiemoes' Blog

Malware Removal

Malwarebytes Labs

Malware Removal

Metallica's blog

About malware

Malware Removal

Opera News

Malware Removal


WordPress.com is the best place for your personal blog or business site.

%d bloggers like this: