Sunday, January 22, 2006

Virus Attack - W32.Blackmal.E@mm

Virus... isn't this a common discussion among Windows users??

This week, I've been to clients' offices mainly just to be a virus buster...

This is not a brand new virus, though; it's been hitting "seriously" lately at almost 50 clients I've been to...

It's not a serious, destructive virus; it takes a lot of time to kill and cure, though.

Alright, the main cast here that I'm talking about is W32.Blackmal.E@mm.

This name is from Symantec. Don't get confused here: I'm not a strong supporter of Symantec, but most of my clients using NAV have been "flooded" with the effects of this virus.

I haven't found out why even the NAV server has been seriously "injured"... maybe Sym can answer that.

Alright, first... if you find yourself receiving a pop-up message (by Messenger, not MSN, yeah...) stating that from "whom" to "whom" has got a virus infection by the name of Blackmal.E@mm...

Well, the first thing I do when I come across this is check on the NAV server (or whatever AV server you have) to see if it's been compromised. Normally it will be... sad to say...

The very next thing I'll do is disconnect everybody else from the network: just take out the network cable and tell the network admin to tell everybody to stop working, cuz this will take quite some time to settle.

When everybody is off the network, I'll start by using the virus removal tool - http://securityresponse.symantec.com/avcenter/venc/data/w32.blackmal@mm.removal.tool.html -
paste it on the desktop, and start scanning and removing the virus.

Alright, you'll be lucky if you've got 10 w/s to go... I'm not...

After a long scanning and removing, which I'm gonna do at least twice on every w/s just to make sure everything is OK...

Finally, on the server side, where it has normally killed off the AV's directory, it can't possibly be scanned anymore. After curing the virus, I'll have to remove NAV and re-install it.

The same goes for the rest of the workstations if you find they can't be scanned anymore.

Anything else??

After I've done that, it's almost the end of my day... not my working hours, though.

Going home with an exhausted mind and body... I'll start work again next week... see ya

regards,
Grant
