What should a network administrators first course of action be on receiving an e-mail alerting him to the presence of a virus on the system if a specific executable file exists?

Investigate the e-mail as a possible hoax with a reputable anti-virus vendor.

If a virus threat is for real, the major anti-virus players like Symantec, McAfee, or Sophos will know about it before you, and they will have details on their sites. Incorrect answers: Searching for and deleting a file is not only a waste of time with todays OSs complex directory systems, but its also ineffective. One can miss a file, the file could be hidden, the wrong file can be deleted, and worst of all: when you delete a file it doesnt really get completely deleted, instead it gets sent to a recycle bin. Broadcasting an alert and creating panic isnt the right thing to do, because it will waste bandwidth, and perhaps terrorizing the users is the original intent of the attack. The act of locating and downloading a patch isnt just time consuming, but theres a chance that the patch itself could be the virus, or the process of resetting the computer could activate the virus.