Solved

user fell for a worm, opened an attachment that said video_fragment.zip

Posted on 2007-11-27
5
219 Views
Last Modified: 2013-11-22
I'm running a Symantec antivirus scan but I'm concerned because use is on an Exchange network.

What is the best way to get rid of this virus?
0
Comment
Question by:mrmyth
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 9

Accepted Solution

by:
the_b1ackfox earned 500 total points
ID: 20363817
Unplug the system from the network, reboot in safe mode & run your virus scans.  safe mode is entered by rebooting the system and pressing f8 right before you see the windows logo.
0
 
LVL 9

Expert Comment

by:the_b1ackfox
ID: 20363822
PS check out www.appriver.com  email filtering.  It will remove virus, spam and malware incoming and outgoing.  It is very reasonable.  I even get notices when the email is disrupted for any reason
0
 
LVL 1

Author Comment

by:mrmyth
ID: 20370855
I unplugged the system and ran norton antivirus in safe mode. It took almost all day. The virus still seems to be infecting the computer even though norton quarantined and deleted many files.
0
 
LVL 9

Assisted Solution

by:the_b1ackfox
the_b1ackfox earned 500 total points
ID: 20373058
Is Norton identifying the virus? if so what is the virus called, let me check out it's specs.   Another quick and dirty method, is to take the hardd rive out of the infected system, and connect it to another system.  At this point, I will usually switch up AV engines (Like use the free verion of AVG...)  Whatever you use, make sure it is up to date before you attach the infected harddrive to the system.   Run an AV sweep from the good system to cover the entireity of the infected harddrive.  

In this manner, Windows isn't holding onto the infected files.  If you do not have an additional system available to do this.  then we will need the name of the virus in order to do anything further.  Or is it malware?  (sometimes some av packages will note some malware, but do nothing other than report it... dumb huh?
0
 
LVL 1

Author Comment

by:mrmyth
ID: 20375659
I think I got the little bugger by running Norton Antivirus and then restoring the computer to a previous state before the infection.

From what I understand there was still something in the registry that makes it send out more of these viruses to people in the address book.


0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Cybersecurity has become the buzzword of recent years and years to come. The inventions of cloud infrastructure and the Internet of Things has made us question our online safety. Let us explore how cloud- enabled cybersecurity can help us with our b…
One of the biggest threats facing all high-value targets are APT's.  These threats include sophisticated tactics that "often starts with mapping human organization and collecting intelligence on employees, who are nowadays a weaker link than network…
The goal of the tutorial is to teach the user how to live broadcast using Flash Media Live Encoder and connecting it to YouTube to broadcast. Log into your Youtube account, choose live stream settings, start live stream from Flash Media Live Enc…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question