Hi All,
Recently one of the workstion is being affected by the virus. I am not sure how to investigate the rootcause of the virus.
I have took the sample of the file and put in a virus total and found that the reputation of that file is very bad.
Immediately I have informed the concern team to remove the affected machine from the network and ask them to reimage.
Since it was workstation I have done this part as a soluction.
But if it is server affected by the virus or worm. How to find the root cause and handle the situation.
Kindly suggest.
Regards,
SRV