How to remove Photo03.scr virus

qava

Evans

This virus has spread on our network very rapidly. Even our network security system was not able to stop Photo03.scr virus from reaching all stations and servers. Our servers identify the virus as Win32:Malware-gen, but all other computers wan not able to identify it.

After checking logs on the server, we found out that Photo03.scr originated from one spam email opened by a single workstation. Since we are on a network environment, Photo03.scr virus spreads so fast. We also noticed that it created files in random names such as the following:

C:\Users\[username]\AppData\Local\Temp\khwdcestbl.vbs
C:\Users\[username]\AppData\Local\Temp\sgmphmirfi..vbs
C:\Users\[username]\AppData\Local\Temp\theeiutwwu.vbs
C:\Users\[username]\AppData\Local\Temp\ucjwehecuv.vbs
C:\Users\[username]\AppData\Local\Temp\vxamsrzajp.vbs
C:\Users\[username]\AppData\Local\Temp\wmswigrjrx.vbs
C:\Users\[username]\AppData\Local\Temp\wxiiwhkzlo..vbs

A bunch of .LNK files are also placed on the desktop and root of every drives, including removable ones. As of now, we have disconnected all the computers on the server to avoid any further damage. All our vital files are on this server so we have to secure it.

I need quick solution to this issue, so if you can give me recommendation to remove Photo03.scr virus as soon as possible, I will be very thankful.

Related Discussions: