Link to home
Start Free TrialLog in
Avatar of polycorjsp
polycorjsp

asked on

Stration/Warezov worm

I've been listed in the http://cbl.abuseat.org web site because of this Virus (Stration/Warezov worm).  I'm using trend micro office scan and Trend Micro Server Protect.

I'm unable to identifiy the computer infected...  Any idea how to resolve this issue?

Thanks!
Avatar of silganit
silganit

There is a good chance these are not coming from you Viruse like Stration likes to hide where it is comeing from by going through the address book of the infect computer and listing that person as the sender as an example let say that bob computer is infected the viruse will go in to the address book find an e-mail addres and then start send out infected e-mail except the e-mail are from Steve no ever expects bob computer as the sender.

the fact that you are running Trend Micros tell me that you are probly not infected I too run Trend Micro and we are stopping this bug befor it get in to the system with Mail scan so I know that as long as your patten file is up to date it will detect and remove the bug. if your manitence is current I would suggest that you upgrade to officescan 7.3 this will provide you with spyware and viruse protection for both your workstation and servers.
ASKER CERTIFIED SOLUTION
Avatar of Simon Earl
Simon Earl
Flag of United Kingdom of Great Britain and Northern Ireland image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
if you are using officescan 7.3 it has a firewall feature and I beg the differ about trend we have been using this product for years and have not gotten an infection for that fact I can produce logs that show the stration bug being deleted before it gets in to our network. so i know it works.
silganit,

I'm disagreeing with you about the use of Trend in the other post, so I'm not going to waste the question asker's time here.

Point to question if anyone's interested

https://www.experts-exchange.com/questions/22047299/autorunning-cmd-executable-at-startup-delso-exe.html

Polycorp.....any news on your problem ?

Thanks
Si
Avatar of polycorjsp

ASKER

Hi legalsrl,

I have 160 computers in 4 different location (4 domain controller - 1 DC and 3 child domain)...  we are all connected together with a VPN connection.  I really don't know were to start...  Do I have to go on each computer or can I build a script that will install the software and run it???

Please help! :)
Thanks for the hyperlink.  I've build a script and execute the program and no more listed.

Thanks!