User fell for a worm, opened an attachment that said video_fragment.zip

I'm running a Symantec antivirus scan but I'm concerned because the user is on an Exchange network.

What is the best way to get rid of this virus?
mrmyth Asked:
 
the_b1ackfox (CIO) Commented:
Unplug the system from the network, reboot in Safe Mode & run your virus scans.  Safe Mode is entered by rebooting the system and pressing F8 right before you see the Windows logo.
0
 
the_b1ackfox (CIO) Commented:
PS: check out www.appriver.com email filtering.  It will remove viruses, spam and malware, incoming and outgoing.  It is very reasonable.  I even get notices when the email is disrupted for any reason.
0
 
mrmyth (Author) Commented:
I unplugged the system and ran Norton Antivirus in Safe Mode. It took almost all day. The virus still seems to be infecting the computer even though Norton quarantined and deleted many files.
0
 
the_b1ackfox (CIO) Commented:
Is Norton identifying the virus? If so, what is the virus called? Let me check out its specs.   Another quick and dirty method is to take the hard drive out of the infected system and connect it to another system.  At this point, I will usually switch up AV engines (like use the free version of AVG...).  Whatever you use, make sure it is up to date before you attach the infected hard drive to the system.   Run an AV sweep from the good system to cover the entirety of the infected hard drive.

In this manner, Windows isn't holding onto the infected files.  If you do not have an additional system available to do this, then we will need the name of the virus in order to do anything further.  Or is it malware?  (Sometimes some AV packages will note some malware, but do nothing other than report it... dumb, huh?)
0
 
mrmyth (Author) Commented:
I think I got the little bugger by running Norton Antivirus and then restoring the computer to a previous state before the infection.

From what I understand there was still something in the registry that makes it send out more of these viruses to people in the address book.


0
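An added example, not part of the original thread: with the infected drive attached to a clean system as suggested above, the autorun values in its registry hives can be listed without booting it, which is where a leftover entry of the kind mentioned in the last comment would show up. The drive letter `E:`, the temporary key name `OfflineHive` and the function name `Get-OfflineAutoruns` are assumptions; run it from an elevated PowerShell prompt.

```powershell
# Added example: list Run/RunOnce autorun values from the registry hives of an
# offline Windows drive attached to a clean system. Read-only: nothing is deleted.
param([string]$Drive = 'E:')   # assumption: drive letter of the attached infected disk

$runKeys = 'Microsoft\Windows\CurrentVersion\Run',
           'Microsoft\Windows\CurrentVersion\RunOnce'

function Get-OfflineAutoruns {   # hypothetical helper name
    # Prefix is '' for the SOFTWARE hive and 'Software\' for a user's NTUSER.DAT
    param([string]$HiveFile, [string]$Prefix)
    $mount = 'OfflineHive'       # temporary key under HKLM (arbitrary name)
    & reg.exe load "HKLM\$mount" $HiveFile | Out-Null
    if ($LASTEXITCODE -ne 0) { Write-Warning "Could not load $HiveFile"; return }
    try {
        foreach ($k in $runKeys) {
            $path = "HKLM:\$mount\$Prefix$k"
            if (-not (Test-Path $path)) { continue }
            $key = Get-Item $path
            foreach ($name in $key.GetValueNames()) {
                [pscustomobject]@{ Hive = $HiveFile; Key = "$Prefix$k"
                                   Name = $name; Command = $key.GetValue($name) }
            }
            $key.Close()
        }
    }
    finally {
        # Release open handles first, otherwise "reg unload" fails with access denied
        [gc]::Collect(); [gc]::WaitForPendingFinalizers()
        & reg.exe unload "HKLM\$mount" | Out-Null
    }
}

# Machine-wide hive
$results = @(Get-OfflineAutoruns "$Drive\Windows\System32\config\SOFTWARE" '')

# Per-user hives: "Users" on Vista and later, "Documents and Settings" on XP
foreach ($root in "$Drive\Users", "$Drive\Documents and Settings") {
    if (-not (Test-Path $root)) { continue }
    foreach ($dir in Get-ChildItem $root -Directory) {
        $ntuser = Join-Path $dir.FullName 'NTUSER.DAT'
        if (Test-Path $ntuser) { $results += @(Get-OfflineAutoruns $ntuser 'Software\') }
    }
}
$results | Format-Table -AutoSize -Wrap
```

Entries whose Command points at a file the scanner quarantined, or at a file that no longer exists on the drive, are the ones to look at first.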
Question has a verified solution.
