If ClamAV was running on the Linux Samba server, would it have caught the 'bad file' so additional clients would not have been infected? I know, it wouldn't help with this virus?
I know you need to put it on and run it religiously including updates BEFORE the nasties attack. On Mon, Oct 27, 2014 at 7:34 PM, Bill Ricker <[email protected]> wrote: > On Mon, Oct 27, 2014 at 6:55 PM, John Abreau <[email protected]> wrote: >> The samba logs should show you which clients are creating those files, so >> the users will know they need to disinfect their machines. > > Thanks to the auto-run, likely every windows machine using this SAMBA > share needs to be disinfected by now. > > Agree with read-only suggestions to keep it from spreading while you > exterminate the client infections. > > Agree with Clam (or a windows AV) to find out what it is and how to > remove it from windows primary disk. (It's won't be auto file on > client c:) > > > -- > Bill Ricker > [email protected] > https://www.linkedin.com/in/n1vux > _______________________________________________ > Discuss mailing list > [email protected] > http://lists.blu.org/mailman/listinfo/discuss -- ><> ... Jack "Whatever you do, work at it with all your heart"... Colossians 3:23 "Anyone who has never made a mistake, has never tried anything new." - Albert Einstein "You don't manage people; you manage things. You lead people." - Admiral Grace Hopper, USN "Tell me and I forget. Teach me and I remember. Involve me and I learn." - Ben Franklin _______________________________________________ Discuss mailing list [email protected] http://lists.blu.org/mailman/listinfo/discuss
