2 replies to this topic

[jdmandthegiant]

My boss opened an email containing a word document that was infected.  After picking up on the infection through a notification from Chrome to the loss of a secure connection he notified me of the issue.  I had him install Norton to run a scan on his computer.  It has since given a notification for Trojan.Zbot Activity 21 and Trojan.Cridex Activity 13.  After arriving to his office I ran Norton's Power Eraser and restarted the computer to no avail.  I am still getting the same notifications that he had gotten before.  After researching this specific trojan further I have realized that I need some professional help with removing this.  So here I am... Any help would be greatly appreciated.  Thanks in advance.

[ken545]

 

This sounds like a work or corporate/company  computer, some of the scans we use and need to see the reports from may show some sensitive company info, so its up to you if you want to continue. If you do, myself and WhattheTech will not be responsible for any damage that may be done to this computer. By continuing and posting the logs we need to analyze your system and other programs we may need to run you agrree to this. 

 

All our tools and scanners run better right from the desktop in lieu of being run from a folder

 

Please download aswMBR to your DESKTOP <<<<<

 

Right click the aswMBR icon and select Run as Administrator

XP users just Double Click it to run

If it says that this computer supports VIRTUALIZATION TECHNOLOGY do you want to use it say Yes

Click the Scan button to start scan.

Select Quickscan on the dropdown list

If you are asked to update the Avast Virus database please allow it to do so.

The scan could take 20 minutes or more , please be patient and let it finish

It will say Scan Finished when its done.

When it finishes, press the save log button, save the logfile to your desktop and post its contents in your next reply.

 

I just want to see the report....Please Do Not Fix Anything

 

============================================================================

 

 

Please download Farbar Recovery Scan Tool and save it to your DESKTOP<<<<<<

 

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

 

How to determine whether a computer is running a 32-bit version or 64-bit version of the Windows operating system

A simple way to check your system: Start --> Computer (right click) --> Properties

 

 

 

Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.

Just keep the defaults as in the picture checkmarked

Press Scan button.

It will produce a log called FRST.txt in the same directory the tool is run from.

Please copy and paste log back here.

The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

[ken545]

Due to inactivity this topic will be closed.
If you need help please start a new thread.

New members follow the instructions here http://forums.whatth...ed_t106388.htmland start a new topic