locked
help dangerous virus RRS feed

  • Question

  • i have this problem for several days, alot of the pc's in my office is infected with unknown virus the symptoms is as follow:

    1. first thing thing this virus do is hit the forefront client security and it cant run

    2. turn the system restore off

    3. and it moves from one pc to another throw network

    i have tryed every thing so far to get this virus, the infected pc's all running xp system, and it made me a great headic and i look useless against it nothing i can do but format, i use forefront for almost 2 years and was fine till now, it looks useless against this virus please can any one help???????????????????????

    Monday, March 29, 2010 3:29 PM

Answers

  • Hello there,

    I would personally suggest to use autoruns.exe, procexp.exe and tcpview.exe from Microsoft's Sysinternals (http://live.sysinternals.com/ ) to find any strange running processes and collect them.

    Please send the samples to Microsoft for analysis using the following link https://www.microsoft.com/security/portal/Submission/Submit.aspx,

    If you collected the good samples of malware, Microsoft Technicians will publish your malware signature into a new Forefront/Microsoft Security Essentials virus signature.

     

    Hope my comment helped.

     

    PS: Alternatively you can scan online the sample on http://virustotal.com or http://virusscan.jotti.org/en before sending it to Microsoft.

    Regards,

    Victor

    Monday, March 29, 2010 3:52 PM

All replies

  • Hi,

    it's probably time to call CSS.

    Thanks.


    Bechir Gharbi. MCSA, MCSE M+S, MCITP Server/Enterprise Administrator, MCT, MCTS Configuration Manager/Forefront
    Monday, March 29, 2010 3:40 PM
  • Hello there,

    I would personally suggest to use autoruns.exe, procexp.exe and tcpview.exe from Microsoft's Sysinternals (http://live.sysinternals.com/ ) to find any strange running processes and collect them.

    Please send the samples to Microsoft for analysis using the following link https://www.microsoft.com/security/portal/Submission/Submit.aspx,

    If you collected the good samples of malware, Microsoft Technicians will publish your malware signature into a new Forefront/Microsoft Security Essentials virus signature.

     

    Hope my comment helped.

     

    PS: Alternatively you can scan online the sample on http://virustotal.com or http://virusscan.jotti.org/en before sending it to Microsoft.

    Regards,

    Victor

    Monday, March 29, 2010 3:52 PM