RE: [fhctech] Win32.Brontok worm
- Make sure it's not the false positive that Lynn Shaw's email referred to before bothering to try to remove a virus that may not actually exist on your system. For those of us running Deep Freeze, these kinds of things are non-events anyway. A simple re-boot fixes the problem. If you are not running Deep Freeze, you should be. Deep Freeze lets you sleep better at night!Dan Vester
From: email@example.com [mailto:firstname.lastname@example.org] On Behalf Of William Woodford
Sent: Thursday, May 21, 2009 5:31 PM
Subject: Re: [fhctech] Win32.Brontok worm
After doing some research I found a removal tool for this problem:
http://www.bitdefen der.com/VIRUS- 157247-en- -Win32.Brontok. A@...
The website also has a description of the trojan/worm and detailed information on it.
Fayetteville North Carolina West StakeOn Thu, May 21, 2009 at 8:19 PM, merloutre <geneamom@comcast. net> wrote:
I came into the FHC tonight to find a message from the librarians that one of our computers is giving a worm message. When I turned it on I get the Windows Seurity Center Alert window popup telling me "Windows Firewall has blocked some features of this program. Do you want to block this suspicious software> Name: Win32.Brontok Risk level: High" I can enable protection, which I did. Although, it brings me to a web page to buy some protection software.
I manually updated Symantec, which said it had last been updated 5/19/2009. Although, there was something to update which I did do. I am now running a full scan on the computer. Although, it keeps popping up with messages about Symantec Antivirus Notification
Scan type: Auto-Protect Scan
Even: Security Risk Found!
File: C:\Documents and Settings\Patron\ Application Data\Google\ Shell3 (with some file name after, I forget)
Location: Unknown Storage
Action taken: Terminate Process Required
Date found: Thur, May 21, 2009
Another window popped up:
Full Scan started..... ...
Action: Reboot Required- Partial
Filename: jaeio234556. exe
I have never, in all the years I've worked here, had problems with any virus or anything. Isn't our protection from SLC supposed to prevent this? I am leaving on vacation tomorrow and can't deal with this right now. What can I tell the director to do while I'm gone to take care of this? How could we have gotten this if we keep everything up to date?
Thanks for any advice. I've been under enough stress from dealing with taking care of my parents ailing health right now to be faced with this now. I don't use Symantec at home and am unfamiliar with it.
------------ --------- --------- ------
Home Page: http://fhctech. org/fhc
Community email addresses:
Post message: fhctech@yahoogroups .com
Subscribe: fhctech-subscribe@ yahoogroups. com
Unsubscribe: fhctech-unsubscribe @yahoogroups. com
List owner: Rick@Klemetson. com
Shortcut URL to Yahoo! group page:
http://groups. yahoo.com/ group/fhctechYah oo! Groups Links
<*> To visit your group on the web, go to:
http://groups. yahoo.com/ group/fhctech/
<*> Your email settings:
Individual Email | Traditional
<*> To change settings online go to:
http://groups. yahoo.com/ group/fhctech/ join
(Yahoo! ID required)
<*> To change settings via email:
mailto:fhctech-digest@ yahoogroups. com
mailto:fhctech-fullfeature d@yahoogroups. com
<*> To unsubscribe from this group, send an email to:
fhctech-unsubscribe @yahoogroups. com
<*> Your use of Yahoo! Groups is subject to:
http://docs. yahoo.com/ info/terms/