Saturday, August 21, 2010

SOS!!!! Help/Advice WANTED URGENTLY - 2ND POST?

I posted this question a day before, but I did not receive any real help! I am posting it again and am looking for your expert advice and a real solution to my problems, URGENT!





Hi! I am responsible at my work for keeping servers clean and protected against viruses. I have Symantec Antivirus Corporate Edition and I keep it updated by installing the most recent Virus Definitions. But I am facing big trouble. EXPERT advice/help is urgently required for the following:





1. The viruses keep coming and they create .eml files in all folders.


2. The AV quarantines all infected files and creates thousands of .vbn files in the Quarantine folder. They occupy huge space (sometimes as much as 5GB).





Can you please tell me:





1. How can I restrict .eml files from being written?


2. Is there a way to stop .vbn files from being written/created?





Urgent Response is requested!

It would have been much better if you could tell us what it calls the virus when it quarantines it. If you can give us the virus name, that will be much better. You can check the History section in the client and can also paste it here, and with that virus name, google it like





w32_nimda+removal tool





Replace w32_nimda with the actual virus name. Also check whether your server's OS is patched and updated; you can use MBSA, that is, Microsoft Baseline Security Analyzer, for missing patches and run a scan with it. If you manage a server, I expect you not to ask where you can get it, lol. Download the latest Windows Malicious Software Removal Tool and run it. Also, there is a high possibility that it might have infected your whole network. Scan the server with an online virus scanner like





www.housecall.trendmicro.com; this also scans for missing patches for the OS.


Edit: It is indeed the Nimda worm, as I suspected. I really doubt your sysadmin skills now, coz that's a very old worm, and it spreads through an OS vulnerability, so patch up your server real fast if it's running a Windows OS. Here are the removal instructions:


http://www.f-secure.com/v-descs/nimda.sh…





Hope that helps.

Use Sophos, not Symantec rubbish.
