Last week it was discovered our church computer(s) have a trojan virus.
There are three networked together. The internet provider phoned the
secretary and told her that a port was open. I looked for suspicious .exe
files and found "pipecmdsvr.exe". I googled it and found it to be a file
dropped by the backdoor.fluxay trojan.
Symantec says to delete the pipecmdsvr file and take out the registry entry.
However Symantec says removal is moderate and damage is moderate, making it
a complicated job(?). We are advised to change any passwords as it appears
someone from China is trying to manipulate the computer remotely.
Question: Should the registry key and the file (pipecmdsvr) be removed
before an online scan? Or should the online scan be done as soon as
possible? (We disconnected the computer(s) from the internet as soon as the
problem was discovered.)
Question: What is the possibility of other viruses, particularly the ones that
disable antivirus activities? We disconnected the computer(s) from the
internet as soon as the problem was discovered.
Although the internet provider removes email viruses before they come, the
computer(s) in question *does not* have anti-virus installed.