The Zeus bot is a Trojan Horse virus that attempts to steal confidential information from you. A Trojan Horse virus is something disguised as a legitimate program, but actually infects you when you download and run it. The Zeus bot is very complex and requires a number of tools to completely remove it. A number of anti-virus companies developed specific tools to remove this bot, but this guide will use tools that can also clean off a number of other infections at the same time. We will use TDSS Killer, Malwarebytes, and AdwCleaner.
Step 1: Download TDSS Killer from http://www.bleepingcomputer.com/download/tdsskiller/dl/4/
Step 2: You may need to rename the file you just downloaded before it will run. To do this, right click on tdsskiller.exe and click “Rename”. Change it to a random name such as “123.com” and run it. If that did not work, try renaming it to “iexplore.com” and run it.
Step 3: You will need to accept Kaspersky’s terms before running. Next click the “Start scan” button.
Step 4: TDSS Killer will now scan your computer and then display a window with what it found. Click “Continue”.
Step 5: After it has finished cleaning, click the “Reboot now” button and restart your computer.
Step 1: Download Malwarebytes Anti-Malware from https://www.malwarebytes.org/mwb-download/
Step 2: Run the setup file and install Malwarebytes.
*When installing Malwarebytes you will have the option to enable a free 30 day trial of their premium service, this is not required.
Step 3: Click the “Scan Now” button in green, if an update is available then click the “Update Now” button in the bottom right. The scan will begin once the update is finished.
Step 4: The scan may take some time, depending on your computer and the number of infections, but once it is finished click the “Apply Actions” button in green.
Step 5: Malwarebytes may or may not request that you reboot your computer after it has removed the infections, if it does you may proceed to reboot.
Step 1: Download AdwCleaner from http://www.bleepingcomputer.com/download/adwcleaner/dl/125/
Step 2: Run the “adwcleaner.exe” and click the button that says “I Agree” and let it download the latest database.
Step 3: Click the “Scan” button and let it scan your computer.
Step 4: Once the “Clean” button is available, click that and allow AdwCleaner to remove the detected files.
Step 5: After the detections have been removed, AdwCleaner will ask you to reboot your computer, proceed with that.