Solved

Infected by the 'Qakbot'

Posted on 2009-05-06
5
1,193 Views
Last Modified: 2013-11-22
Many machines appear to be infected by a new form of this virus. CA does not have solution for this strain of virus as of last night. Could this be an isolated infection or have others reported this to the Experts?
Thanks,
Lance
0
Comment
Question by:lloakley
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
5 Comments
 
LVL 2

Expert Comment

by:FatManc
ID: 24314134
I would download the latest versions of the following malware removers and rescan the machines.

malwarebytes - http://www.malwarebytes.org/mbam.php
[Admin Edit - link removed. Vee_Mod]

make sure that both packages are up to date.

If nothing is identified please post a HiJackThis log -

http://download.cnet.com/Trend-Micro-HijackThis/3000-8022_4-10227353.html

Thanks
John
0
 
LVL 23

Accepted Solution

by:
Mohamed Osama earned 500 total points
ID: 24317364
Please take a look at this write up for manual removal instructions
http://www.sophos.com/security/analyses/viruses-and-spyware/trojqakbota.html 
Malwarebytes should handle it as advised above, if all else fails, I am pretty sure Combofix can clean it.
0
 
LVL 2

Expert Comment

by:FatManc
ID: 24333700
Hi - any luck with the solutions on this page?
0
 

Author Comment

by:lloakley
ID: 24354184
Our virus protection vendor authored a solution. We've applied the updates and this seemed to fix the trouble. Thank you Experts for your efforts...
Lance
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

OVERVIEW This guide provides information on the process performed when the Symantec Endpoint Protection (SEP) client checks in with the Symantec Endpoint Protection Manager (SEPM). AUDIENCE Information Technology personnel responsible for suppo…
PREFACE The purpose of this guide is to explain what the SEPC Status Utility is and how it works. I have written the utility using AutoIt and have included the source code for your review. You are welcome to modify the code to your liking, but I wi…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question