Trojan on Work computer.

C

Circuit_breaker

New Member
I've taken steps to download avg to try and find the trojan or virus(not sure what is infecting the computer)with little help short of finding tracking cookies. Need help in finding out what it is and how to get rid of it. PLEASE HELP. THANKS.
 
C

Circuit_breaker

New Member
I've been trying to install the program but it gets to the very end (Finishing Installation) and freezes. Any other program or process I might can try?
 
C

Circuit_breaker

New Member
Tried to also run hijackthis and it wouldn't even install. Downloaded but the install wouldn't open when I tried to open the file. Please Help
 
S

Scorpio721

New Member
Personally i would do the following:
1: Download, Install and update "Spyware Terminator"
2: Run a Full scan with that.
3: Download, Install and update "Spybot Search & Destroy"
4: Run a full scan with that.
5: Then use any anti-virus you have (i use avast antivirus home version)
6: Then download and install HijackThis
7: Run a scan with that. If need be post scan report on forum if you don't understand which items should be present and which shouldn't.

Once you've done that you can be assured that your system is safe!

:)Hope it helps!
 
Last edited:
Respital

Respital

Active Member
Hello:

Download and Run ComboFix
If you already have Combofix, please delete this copy and download it again as it's being updated regularly.
Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Combofix should never take more that 20 minutes including the reboot if malware is detected.
If it does, open Task Manager then Processes tab (press ctrl, alt and del at the same time) and end any processes of findstr, find, sed or swreg, then combofix should continue.
If that happened we want to know, and also what process you had to end.

In your next reply i will need:
  • The ComboFix log
  • A HiJackThis log
  • An update on how your computer is running
 
johnb35

johnb35

Administrator
Staff member
If you can't get anything to download, install or run on that computer, you may have to take the hard drive out and slave it to another system and scan with an antivirus program like AVG. Usually it will find the offending items that is stopping programs from working correctly. After scanning with AVG or the like, put drive back in original system and see if you can do scans with Malwarebytes and Hijackthis.
 
Respital

Respital

Active Member
Another option would be to download ComboFix on a working computer and save it to a flash drive, then plug it into your computer and run it.
 
C

Circuit_breaker

New Member
Okay so I found the Trojan using AVG 8.5. Can anyone please help me figure out how to manually get rid of it or let me know what to do? PLEASE!!! Sorry for using more than one thread but I haven't learned how to delete any of them.

"Scan ""Scan whole computer"" was finished."
"Infections";"2";"2";"0"
"Folders selected for scanning:";"Scan whole computer"
"Scan started:";"Thursday, March 19, 2009, 1:20:36 PM"
"Scan finished:";"Thursday, March 19, 2009, 2:33:00 PM (1 hour(s) 12 minute(s) 23 second(s))"
"Total object scanned:";"330417"
"User who launched the scan:";"Rick"

"Infections"
"File";"Infection";"Result"
"C:\Documents and Settings\Rick\Local Settings\Temp\94038750";"Trojan horse BackDoor.Agent.ZDT";"Moved to Virus Vault"
"C:\WINDOWS\Temp\95353328";"Trojan horse BackDoor.Agent.ZDT";"Moved to Virus Vault"

"Warnings"
"File";"Infection";"Result"
"C:\Documents and Settings\Rick\Application Data\Mozilla\Firefox\Profiles\14krz7wm.default\cookies.sqlite";"Found Tracking cookie.Advertising";"Healed"
"C:\Documents and Settings\Rick\Application Data\Mozilla\Firefox\Profiles\14krz7wm.default\cookies.sqlite:\advertising.com.203aa218";"Found Tracking cookie.Advertising";"Moved to Virus Vault"
"C:\Documents and Settings\Rick\Application Data\Mozilla\Firefox\Profiles\14krz7wm.default\cookies.sqlite:\advertising.com.b624fa46";"Found Tracking cookie.Advertising";"Moved to Virus Vault"
"C:\Documents and Settings\Rick\Application Data\Mozilla\Firefox\Profiles\14krz7wm.default\cookies.sqlite:\advertising.com.1820df7a";"Found Tracking cookie.Advertising";"Moved to Virus Vault"
"C:\Documents and Settings\Rick\Application Data\Mozilla\Firefox\Profiles\14krz7wm.default\cookies.sqlite:\advertising.com.525a5fb9";"Found Tracking cookie.Advertising";"Moved to Virus Vault"
"C:\Documents and Settings\Rick\Application Data\Mozilla\Firefox\Profiles\14krz7wm.default\cookies.sqlite:\advertising.com.f62113d5";"Found Tracking cookie.Advertising";"Moved to Virus Vault"
"C:\Documents and Settings\Rick\Application Data\Mozilla\Firefox\Profiles\14krz7wm.default\cookies.sqlite:\atdmt.com.b3e33b5f";"Found Tracking cookie.Atdmt";"Moved to Virus Vault"
"C:\Documents and Settings\Rick\Application Data\Mozilla\Firefox\Profiles\14krz7wm.default\cookies.sqlite:\msnportal.112.2o7.net.7225be6f";"Found Tracking cookie.2o7";"Moved to Virus Vault"
"C:\Documents and Settings\Rick\Application Data\Mozilla\Firefox\Profiles\14krz7wm.default\cookies.sqlite:\revsci.net.44927ec";"Found Tracking cookie.Revsci";"Moved to Virus Vault"
"C:\Documents and Settings\Rick\Application Data\Mozilla\Firefox\Profiles\14krz7wm.default\cookies.sqlite:\revsci.net.2df99d79";"Found Tracking cookie.Revsci";"Moved to Virus Vault"
"C:\Documents and Settings\Rick\Application Data\Mozilla\Firefox\Profiles\14krz7wm.default\cookies.sqlite:\revsci.net.55564293";"Found Tracking cookie.Revsci";"Moved to Virus Vault"
"C:\Documents and Settings\Rick\Application Data\Mozilla\Firefox\Profiles\14krz7wm.default\cookies.sqlite:\revsci.net.e9dbeb91";"Found Tracking cookie.Revsci";"Moved to Virus Vault"
 
You must log in or register to reply here.
Top