Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

W32.BlastClan.B

Created: 07 Jan 2008 • Updated: 21 May 2010 | 2 comments
EFL's picture
Hi all,
 
   In one of my branch office, we have SAV 10.1 Corporate Edition installed in 30 Nos of Win XPP PCs. Last week this network is attacked by W32.Blastclan.B Virus. Eventhough the autoprotect detects the threat it does not clean the root cause of the virus.
 
   I already followed the instructions given by symantec support pages but results not solved. Please give a solution to overcome this problem.
 
 
Regards
Sivakumar K M
Ennore Foundries Ltd
Chennai - INDIA
Mob: +91 98417 09780

Comments 2 CommentsJump to latest comment

paulorf's picture

From the writeup: W32.Blastclan.B is a worm that spreads by copying itself to network shares.

Basically what is happening there is that you have a machine that is trying to copy the threat from an unprotected machine to the protected machines. That is why Symantec Antivirus is detecting it but it comes back again. You need to find that unprotected machine to stop the infection.
It is quite likely a laptop that somebody plugged into the network or an "under the desk" machine that is managed by your IT and therefore it may not have antivirus or out of date definitions.

There is a feature called threat tracer in SAV that tells you from which machine is the threat coming. You can also see the open connections with a netstat or tcpview from sysinternals.

This should solve your issue

EFL's picture
Thank you Sir
 
Regards
K.M.Sivakumar
Ennore Foundries Ltd