Cant we delete the Worm.Win32.Womble.d!!!! in Network

Discussion in 'malware problems & news' started by seenujanu, Jun 27, 2008.

Thread Status:
Not open for further replies.
  1. seenujanu

    seenujanu Registered Member

    Joined:
    Jun 27, 2008
    Posts:
    2
    Hi Friends,

    In our Office network was infected with Virus called Worm.Win32.Womble.d ...
    i had scanned the Hard Disk (Network Drive) with Kaspersky on 06/24/2008 from my system
    Kaspersky founded some Virus which r give below. i have deleted the files which had shown to me.... But the Problem is it Regains the Virus ..same Issue ......
    It just creats Duplicate files like My passwords.doc .exe

    Code:
    06/24/2008 08:02:42 PM	File \\backups1\Public\Seduction secrets.jpg: detected: Trojan program 'Exploit.Win32.IMG-WMF.y'.
    06/24/2008 08:02:42 PM	File \\backups1\Public\Seduction secrets.jpg: is still infected, postponed.
    06/24/2008 08:02:43 PM	File \\backups1\Public\MySexPicture.jpg: detected: Trojan program 'Exploit.Win32.IMG-WMF.y'.
    06/24/2008 08:02:43 PM	File \\backups1\Public\MySexPicture.jpg: is still infected, postponed.
    06/24/2008 08:02:50 PM	File \\backups1\Public\Seduction secrets.doc .exe: detected: virus 'Virus.Win32.Sality.q'.
    06/24/2008 08:02:50 PM	File \\backups1\Public\Seduction secrets.doc .exe: is still infected, postponed.
    06/24/2008 08:02:51 PM	File \\backups1\Public\My passwords.doc .exe: detected: virus 'Virus.Win32.Sality.q'.
    06/24/2008 08:02:51 PM	File \\backups1\Public\My passwords.doc .exe: is still infected, postponed.
    06/24/2008 08:11:15 PM	File \\backups1\SECOND WEEK\GoogleHack.jpg: detected: Trojan program 'Exploit.Win32.IMG-WMF.y'.
    06/24/2008 08:11:15 PM	File \\backups1\SECOND WEEK\GoogleHack.jpg: is still infected, postponed.
    06/24/2008 08:11:16 PM	File \\backups1\SECOND WEEK\me.jpg: detected: Trojan program 'Exploit.Win32.IMG-WMF.y'.
    06/24/2008 08:11:17 PM	File \\backups1\SECOND WEEK\me.jpg: is still infected, postponed.
    06/24/2008 08:11:19 PM	File \\backups1\SECOND WEEK\Seduction secrets.doc .exe: detected: virus 'Virus.Win32.Sality.q'.
    06/24/2008 08:11:20 PM	File \\backups1\SECOND WEEK\Seduction secrets.doc .exe: is still infected, postponed.
    06/24/2008 08:11:23 PM	File \\backups1\SECOND WEEK\Windows serial number.txt .exe: detected: virus 'Virus.Win32.Sality.q'.
    06/24/2008 08:11:24 PM	File \\backups1\SECOND WEEK\Seduction secrets.doc .exe: detected: virus 'Virus.Win32.Sality.q'.
    06/24/2008 08:11:24 PM	File \\backups1\SECOND WEEK\Windows serial number.txt .exe: detected: virus 'Virus.Win32.Sality.q'.
    06/24/2008 08:11:25 PM	File \\backups1\SECOND WEEK\Windows serial number.txt .exe: is still infected, postponed.
    06/24/2008 08:11:56 PM	File \\backups1\SECOND WEEK\Windows serial number.txt .exe: deleted.
    06/24/2008 08:11:56 PM	File \\backups1\SECOND WEEK\Seduction secrets.doc .exe: deleted.
    
    But i found in my sytem (F:\sathi\Me.jpg sathi is share folder in our Network) showing same Virus by Kaspersky and it has been deleted and ...
    i have scanned the F: drive it doesnt show any thing ...
    Is this Virus Regains in my PC..
    Is this efffecting to other PCs which r having the share Folders in network
    How can i delete this Permentely in the Network Also.

    Code:
    06/26/2008 02:07:34 PM	File F:\sathi\Me.jpg cannot be deleted.
    06/26/2008 02:07:25 PM	File F:\sathi\Me.jpg: deleted.
    06/26/2008 02:06:27 PM	File F:\sathi\Me.jpg: detected: Trojan program 'Exploit.Win32.IMG-WMF.y'.
    06/26/2008 02:06:59 PM	File F:\sathi\Me.jpg: detected: Trojan program 'Exploit.Win32.IMG-WMF.y'.
    06/26/2008 03:21:29 PM	File F:\sathi\My passwords.doc .pif: deleted.
    06/26/2008 03:21:26 PM	File F:\sathi\My passwords.doc .pif: detected: virus 'Email-Worm.Win32.Womble.d'.
    06/26/2008 03:20:18 PM	File F:\sathi\My passwords.doc .pif: detected: virus 'Virus.Win32.Sality.q'.
    06/26/2008 03:21:32 PM	File F:\sathi\OurNewHouse.jpg: deleted.
    06/26/2008 03:21:29 PM	File F:\sathi\OurNewHouse.jpg: detected: Trojan program 'Exploit.Win32.IMG-WMF.y'.
    06/26/2008 02:07:32 PM	File F:\sathi\Seduction secrets.doc .exe: deleted.
    06/26/2008 02:06:27 PM	File F:\sathi\Seduction secrets.doc .exe: detected: virus 'Virus.Win32.Sality.q'. 
    Virus names r :

    Exploit.Win32.IMG-WMF.y
    Virus.Win32.Sality.q
    Email-Worm.Win32.Womble.d

    Would u please help me out of this

    Thanks in Advance

    Seenujanu
     
  2. seenujanu

    seenujanu Registered Member

    Joined:
    Jun 27, 2008
    Posts:
    2
    Hi Friends

    Network with 2 server os running with 50 2000 professional as client .



    SERVER : 2000 / 2003 SERVER


    CLIENT MACHINES : 50 NOS OF 2000 PROFESSIONAL

    WE USE SONICWALL FIREWALL AND MCAFEE A/V IN ALL DESKTOP .


    Thanks
    SeenuJanu
     
  3. pandlouk

    pandlouk Registered Member

    Joined:
    Jul 15, 2007
    Posts:
    2,765
    Last edited: Jun 27, 2008
  4. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    64,312
    Location:
    Texas
Loading...
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.