• Microsoft Windows 95, 98, Me, 2000, XP, Vista, 7, and 8
• Microsoft Server 2003, Server 2008, Server 2008 R2, and Server 2012
*There is no need to take action with devices running other operating systems, such as MAC OS, iOS, Android™ or Linux.
Why should I take action?
This particular malware presents a significant threat as it has multiple malicious purposes, including:
• Is primarily used by cybercriminals to harvest banking information, such as log-in credentials from infected systems.
• Downloads more malware, including ‘ransomware’ (https://en.wikipedia.org/wiki/Ransomware) and also allows spammers to send bulk email from the infected systems.
• Infected systems can be used to engage in distributed denial-of-service (DDoS) attacks.
How do I clean and protect my computer?
We recommend that you download and run one of the following FREE tools that have been updated for this specific malware.
Instructions on how to download and run Symantec’s Trojan.Zbot Removal Tool can be found at http://www.symantec.com/security_response/writeup.jsp?docid=2014-052915-1402-99
The Microsoft Safety Scanner can be found at http://www.microsoft.com/security/scanner/en-us/default.aspx
After you have run the tool(s) we recommend that you:
Use and maintain Anti-Virus software - See more help and information on removing viruses and malware and on securing your devices at our TWC Central Bothelp page.
Change your passwords - Your original passwords may have been compromised during the infection, so you should change them (see Choosing and Protecting Passwords (http://www.us-cert.gov/ncas/tips/ST04-002) for more information).
Keep your operating system and application software up-to-date - Install software patches so that attackers can't take advantage of known problems or vulnerabilities. Visit http://update.microsoft.com/windowsupdate to check for updates to Windows.
If you have questions or concerns about this process or this notification, please call us at 1-855-222-7342.