
Happy-2008.exe removal advice

Posted by FlightLizard, 01-09-2008, 04:46 PM
I found on a machine that was flooding our network internally happy-2008[1].exe in the windows\prefetch folder. I am asking for advice on how to remove it. The machine will probably be reformatted, but since a fresh install of nod32 did not detect it, I am wondering if it is a false alarm or why it went undetected. Note the machine was not on the network when scanned; it also has starware malware on it. Windows XP Pro. I have read that it is a trojan and can hide its own process, and security-wise this is new to me; I mainly deploy new PC systems and this one was installed before I joined the company. Currently our network is behind a firewall with CISCO routers, I believe. Also, for antivirus, AVG enterprise is used - not the server edition; running are AV and antispyware components. Just looking for some tips. Thank you.

Posted by bitserve, 01-09-2008, 06:28 PM
Much malware nowadays disables AV software. I've had good luck removing malware by just booting into safe mode and using HijackThis and LSPFix. Or, worst case, boot from the Windows CD. However, if you're no expert at this, you may find it easier and safer to reinstall Windows, and make sure that the computer has all of the latest security updates (especially the one from Tuesday about remote exploit over TCP/IP). Most viruses are received by opening email attachments and visiting malicious sites. Besides updates, perimeter scanning, training, and policy enforcement are the best ways to prevent infection.


