Tyler,

You can try to look for the executable(s) being detected and removed by NOD32 on other machines, either via tasklist, pslist or dir /s /b /ASH <filename>

You may also want to try other tools, such as ClamWin (ClamAV for Windows), to try and check for other dropped files. It's likely there's an undetected "dropper" that propagates the malware that's being detected.

Hope this helps.

Xander

On Thu, Sep 2, 2010 at 11:27 PM, Tyler Robinson <[email protected]> wrote:
> Hey everyone just wondering what kinds of procedures you are using to
> prevent and stop virus outbreaks on your local network after some genius end
> user investigates child porn on local network PCs. Do most of you use
> Microsoft's firewall with GP and just open exceptions for the applications
> that need it or run another piece of software. I have a massive infection
> that I cannot track down, our ESET is catching them but my network is nothing
> but trojan packets, we were not running an internal firewall (previous Admin
> setup) without hardened systems. So do I start hardening systems first and
> then do a GP with Firewall or does anyone have any better suggestions first
> to get my network back and clean the infection second to set up the correct
> way so there is no next time. As always thanks so much to the PDC community
> you guys are the best.
> TR
>
> --
> Tyler Robinson
> Owner of Computer Impressions
>
>
> _______________________________________________
> Pauldotcom mailing list
> [email protected]
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com
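Added example, not part of the original thread: a cmd batch sweep that runs the tasklist and dir checks suggested in the reply above against a list of machines and collects the output in one report. The file names hosts.txt and sweep-report.txt and the value suspect.exe are placeholders, and the script assumes an account with admin rights on each host and reachable C$ admin shares.

```batch
@echo off
rem Added example: sweep hosts for a file name that the AV product keeps flagging.
rem SUSPECT, HOSTS and REPORT are placeholders; set them for your environment.
setlocal
set "SUSPECT=suspect.exe"
set "HOSTS=hosts.txt"
set "REPORT=sweep-report.txt"

if not exist "%HOSTS%" (
    echo Host list "%HOSTS%" not found, one machine name per line expected.
    exit /b 1
)

rem Start a fresh report for this run.
>"%REPORT%" echo Sweep for %SUSPECT% started %DATE% %TIME%

for /f "usebackq delims=" %%H in ("%HOSTS%") do (
    >>"%REPORT%" echo.
    >>"%REPORT%" echo ===== %%H =====

    rem Is a process with that image name running on the remote host right now?
    >>"%REPORT%" echo [running processes]
    tasklist /S %%H /FI "IMAGENAME eq %SUSPECT%" /FO CSV /NH >>"%REPORT%" 2>&1

    rem Is a copy on disk? /a:sh lists files carrying the system and hidden
    rem attributes, which a plain dir would not show.
    >>"%REPORT%" echo [files with system+hidden attributes]
    dir "\\%%H\C$\%SUSPECT%" /s /b /a:sh >>"%REPORT%" 2>&1

    rem Second pass without the attribute filter, in case the copy is not hidden.
    >>"%REPORT%" echo [files, any attributes]
    dir "\\%%H\C$\%SUSPECT%" /s /b /a >>"%REPORT%" 2>&1
)

echo Done. Review "%REPORT%" for hosts that show a process or file hit.
endlocal
```

Hosts that report a file on disk but were never flagged by the AV product are the ones to examine first for the undetected dropper mentioned above.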
