we have Maccafe as our Anti virus few days back virus called w32/fujacks came into our network now the whole network is effected with many virus like fujacks ... Game.exe ... etc..we removed all the pc from the network then scaned them using maccafe ..AVG ... MWAV ... it was cleaned but once we connected all the systems back to the network again we can see that virus into the system.. please tell me some tool and a way to clean the entire network .. we have around 125 pc in our network ..
2007-02-11 20:06:36 · 5 answers · asked by Abhi 2 in Computers & Internet ➔ Security
This Worm is installed by a Trojan. The Trojan is a Downloader. In other words, it is hiding in areas of your computer that is not normally scanned by Antivirus and Antispyware programs when scanned in the normal mode. Even though you remove the Worm, the Trojan is still there and downloads the Worm as soon as you are done removing it. Hence, Trojan Downloader.
You will have to do this to every computer in your network, individually. Sorry, but since each one is infected, each will need to be cleaned.
I am going to give you a procedure to use and clean your computers. This procedure will have you open hidden areas of your computer for the programs to get all of the Trojan and Worm out of it. At the end of the procedure you will have to delete your Restore Points and set new ones.
This procedure should be used anytime you have an infection.
The ewido program is the best Trojan removal program available.
Be sure your McAfee antivirus program is updated and then use it and the ewido when the procedure tells you to run them. Run the McAfee and then the ewido on each machine.
Download and Update Ewido (also called the AVG Antispyware). Do not run:
http://www.ewido.net/en/download/
TEMPORARILY SHOW HIDDEN FILES AND FOLDERS.
1. Click Start, and then click Control Panel.
2. Click Appearance and Themes, and then click Folder Options.
3. On the View tab, under Hidden files and folders, click "Show hidden files and folders", and clear(uncheck) the "Hide protected operating system files" check box.
IMPORTANT: Files are hidden by Windows for a very good reason. It is not wise to experiment with these files. Unfortunately, to successfully remove modern spyware we must turn this protection off temporarily. Please turn the protection back on when you have finished cleaning your system.
EMPTY INTERNET EXPLORER BROWSER CACHE:
1. On the Internet Explorer Tools menu, click Internet Options.
2. On the General tab, in the Temporary Internet Files section, click the Delete Files button. Select the Delete all offline content check box in the confirmation dialogue box that appears, click OK. Click OK again.
RESTART IN SAFE MODE:
To do this you need to hold down or repeatedly tap the F8 key while the computer is booting (when the computer is displaying a black screen with white text). When the boot menu appears, use your keyboard arrows to select "Safe Mode."
Safe Mode can look quite ugly. The color may look bad, and all of your desktop icons will be very large. This is normal.
START THE SCAN WITH YOUR PROGRAM(S). Run both programs consecutivly.
When the scan and removal are completed REBOOT COMPUTER. This will restart you in normal mode.
RESET HIDDEN FILES AND FOLDERS.
The RESTORE POINTS may be infected with the Malware and cannot be used. Delete the old one(s) and make a new one.
CLEAR OLD RESTORE POINT(S). HERE'S HOW:
1. Click Start, and then click Control Panel.
2. Click Performance and Maintenance, click System, and then click on the System Restore tab.
3. Select the Turn Off System Restore check box, click Apply, then restart your computer.
4. Return to the System Restore Tab and turn System Restore back on.
TO SET A NEW RESTORE POINT:
1. Click the Start button.
2. Point to Programs, then navigate to Accessories, then System Tools, then click System Restore.
3. Choose Create a restore point, and then click Next.
4. In the Restore point description box, type a name for your restore point, and then click Next.
5. Click OK.
NOTE: If you are using Windows XP Service Pack 2 (SP2) and are unable to access the Internet after removing Malware, there is a command that may fix the problem. It works by resetting the winsock catalogue. Click on Start, then Run and type CMD in the box. Click OK. Type "netsh winsock reset" (no quotes)into the DOS window that appears.
2007-02-11 20:33:19 · answer #1 · answered by Anonymous · 0⤊ 0⤋
Since you are talking about 70 systems which are connected to a network it would be very hard to control the Virus.
So what you do is clean a PC with ur Antivirus software and install a firewall like Zone Alarm and enable only Port 80.
Disable all the shares on the network, since most virus spread throught network shares.
If you are not using Network Version of the Antivirus get a Network version of Antivirus.
Which would allow you to monitor virus activity from one single server.
Still stuck get back to me for help.
2007-02-11 20:20:11 · answer #2 · answered by Sunil Saripalli 5 · 0⤊ 0⤋
The best support you can get is from Macafee direct which they can assist of course provided you purchased their support plan. But since you had pulled your system off the network and scanned each individual then something was not scanned fully or protected fully. The best you can do is take everything offline and start one at a time working from the most remote systems you have on your network back to the main systems that are clustered in your main location. Until you can verify through your systems logs that the virus has been purged. Once everything is clean based on your review of your logs then begin to bring segments of your network up and double check each system segment again to verify if any segment was not thoroughly clean.
2007-02-11 20:59:20 · answer #3 · answered by A.M. Gonzales 3 · 0⤊ 0⤋
Use crap cleaner (CCleaner) and tell it to do a clean, then tell it to do a registry scan and then fix all errors. When things get installed they get added to the registry and uninstallers sometimes miss things so all you need is a good registry cleaner. Update: Ahh youve used both Reg Mechanic and CCleaner, like the poster below says, you would have to go into your registry with a fine tooth comb - it would be easier formatting - 2 years is a long time and your registry would be full of crap anyway - do a format, it will be like having a new pc again.
2016-05-24 00:11:11 · answer #4 · answered by ? 4 · 0⤊ 0⤋
Which PC got this virus first?
2007-02-11 20:12:02 · answer #5 · answered by Anssj 1 · 0⤊ 1⤋
Format your computers.
2007-02-11 20:13:42 · answer #6 · answered by ReRe_Sunshine 3 · 0⤊ 1⤋
sorry....youve use Avg for a full scan, then theres nothing more.
i think.
2007-02-11 20:09:48 · answer #7 · answered by Anonymous · 0⤊ 2⤋