Video Screencast Help

Virus in windows 2003/2008 server

Created: 11 Sep 2013 | 6 comments

I found common virus in my windows 2003 and 2008 servers. I need urgent sollution for this. This is keep coming after symantec cleaned also. I use Symantec Endpoint protection version 12. Please find the attachmentMKP.JPG

Operating Systems:

Comments 6 CommentsJump to latest comment

pete_4u2002's picture

cannot see the picture clearly, looks like SEP is detecting the threat from the pop up window.

is the location of the file local machine?

can you scan in safe mode?

is the detection worm?

enable the risk tracer to identify the source of infection.

AjinBabu's picture

HI,

Update SEP client and run a full scan and verify it is free from virus. Hope that it detected via auto-protect.

Regards

Ajin

Mick2009's picture

Hi Ajay,

It looks to me like SEP is detecting something with its heuristic technologies.  Definitely submit that file, along with any others that come up in the SEPM's reports:

Using SEPM Alerts and Reports to Combat a Malware Outbreak
https://www-secure.symantec.com/connect/articles/using-sepm-alerts-and-reports-combat-malware-outbreak

 

With thanks and best regards,

Mick

Mithun Sanghavi's picture

Hello,

I would suggest you to run the SymHelp Utility, to collect all the suspicious files on the machine which can later be submitted to the Symantec Security Response Team.

Check these articles:

Using Symantec Help (SymHelp) Tool, how do we Collect the Suspicious Files and Submit the same to Symantec Security Response Team.

https://www-secure.symantec.com/connect/articles/using-symantec-help-symhelp-tool-how-do-we-collect-suspicious-files-and-submit-same-symante

We also offer a self-service site to analyze files, at http://www.threatexpert.com, which can give you more information on the files you submit to it.

What to do when you suspect that a Symantec AntiVirus product is not detecting viruses

http://www.symantec.com/docs/TECH99222

 

Here are some excellent suggestions on how to keep your computers, their users and data safe:

http://www.symantec.com/theme.jsp?themeid=stopping_malware&depthpath=0

Hope that helps!!

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

Mick2009's picture

Hi Ajay,

Just a ping to see if you were able to resolve this matter.  Any advice or experiences that you would like to share may be of benefit to future admins in the same situation.

Here is another good article:

Preventing and handling virus and spyware attacks on client computers
http://www.symantec.com/docs/HOWTO80935 
 

With thanks and best regards,

Mick