0

OS: 98SE
Location: Library

We have this application that is called ATHENA. This application is used to check books out to students/teachers and also we can check the status and avalibility of books, and check on the students (they might have fines).
Anyways, this program is located on once computer (server) and distributed to only a few other computers in the library. This server is called the Athena Server.
The Athena Server is also where I place patches, installations, and other various things that teachers need. It is the most accessable place.

There is a worm/virus floating around in said server: W32.Funlove.4099
There is a current version of Norton Anti-Virus (8.0) installed on all the computers. It is updated every week.
I have ran the removal utility several times, and it still is there. It is infecting the programs that I use/share with the teachers. So, what I am having to do now is place it somewhere else, that is not as accessable to teachers.

Anyone have any ideas as to how to remove this pest?

2
Contributors
1
Reply
2
Views
13 Years
Discussion Span
Last Post by DMR
0

See: http://securityresponse.symantec.com/avcenter/venc/data/w32.funlove.4099.html for an explanation.

What's most likely happening is that the virus had initially spread to other machines, either via the network or by shared media, and the cleansed machines are now getting reinfected from a source or sources that didn't get properly/thoroughly cleansed.

In other words, you probably missed something; you should go back and thoroughly scan all possible media onto which the virus could have copied itself. This could include floppies or CD that have been distributed, backup media, etc.

Remember that the virus bypasses normal filesystem security and can modify the kernel itself, so don't assume that the virus couldn't possible have gotten into a given location.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.