Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 894
  • Last Modified:

W32.Mabezat.B Virus

We took over a client recently where every server and workstation was infected badly with the W32.Mabezat.B virus.  We have installed temporary servers with new 2003 installations and updated Symantec, and have tried cleaning the XP workstations with a number of different methods that we have found on the internet.   This has not been successful and we are battling to remove it.   Has anyone had any success with a particular method of removal??  I'm reluctant to reformat every workstation if at all possible.  We have also noted that Symantec seems to get into a loop after it tries to clean the virus, continually demanding a restart.
0
PNRT
Asked:
PNRT
1 Solution
 
*** Hopeleonie ***IT ManagerCommented:
yes i did it with http://www.pandasecurity.com/activescan. try and tell me
0
 
JeremySBrownCommented:
You might want to try...Dr. Web Anti-Virus and Combofix...
http://www.freedrweb.com/
http://www.bleepingcomputer.com/combofix/how-to-use-combofix
0
 
Mohamed OsamaSenior IT ConsultantCommented:
In such cases , if the above tools did not do the trick, manual removal can help here.
http://vil.nai.com/vil/content/v_143555.htm
you just need to take the machine(s) offline in safe mode , one by one , delete the files and registry keys, search for & delete hidden autorun.inf files .maybe run a tool like Flash disinfector, ,empty Temp folders ,reboot , update Antivirus & scan, you should be good to go.

0
 
vvladaCommented:
Hi,

You don't need to change Symantec, just turn of system restore on workstations, reboot in safe mode and run full scan (before, your av defs need to be updated). What version of Symantec are you using? If you can find what files are virus submit it to the Symantec using virus submit page:

https://submit.symantec.com/websubmit/gold.cgi

and in a couple of hours (or minutes) you will get response in email with instructions or link to the rapid release definitions that will help you clean the virus.

best regards,
Vladimir
0

Featured Post

Lessons on Wi-Fi & Recommendations on KRACK

Simplicity and security can be a difficult  balance for any business to tackle. Join us on December 6th for a look at your company's biggest security gap. We will also address the most recent attack, "KRACK" and provide recommendations on how to secure your Wi-Fi network today!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now