First off let me give you an explaination of our network. We have 13 or so W2003 Servers, 130 Windows XP Machines (with ATLEAST sp2), and prolly 80 or so Win2k Computers and maybe some random WINNT Machines.
What Happened:
Today while we were all in a meeting a virus spread like wildfire. We use VNC (a variation of Tight and Real) and it definetly looks like it logged in the computer via VNC and ran some crazy script. We do have symatec enterprise for anti virus and basically the only response we got was yes its a backdoor trojan and we can try and fix it but we will need to format all 200+ computers. Which is not acceptable. So right now we are in the process of figuring out what we are going to do. I'm going to upload a SS on what we could capture of the script. I could definetly use any adive you guys could give me.
http://i110.photobucket.com/albums/n117/hots2k/untitled.jpg
What Happened:
Today while we were all in a meeting a virus spread like wildfire. We use VNC (a variation of Tight and Real) and it definetly looks like it logged in the computer via VNC and ran some crazy script. We do have symatec enterprise for anti virus and basically the only response we got was yes its a backdoor trojan and we can try and fix it but we will need to format all 200+ computers. Which is not acceptable. So right now we are in the process of figuring out what we are going to do. I'm going to upload a SS on what we could capture of the script. I could definetly use any adive you guys could give me.
http://i110.photobucket.com/albums/n117/hots2k/untitled.jpg
Facebook
Twitter