[x]
Posted via EE Mobile

Search, ask, and monitor your questions on the go with EE Mobile. Visit Experts Exchange from your mobile device and never be out of touch again.
Question
[x]
Attachment Details

Recurring Conficker_C  Patch ineffective

Asked by mmichaels1970 in Windows 2003 Server, Operating Systems Network Security, Networking Security Vulnerabilities

Tags: Microsoft Windows 2003, Conficker

I'm having a recurring nightmare with conficker_c.  I've installed MS08-067 for W2k3 and ran MSRT 3.0.  MSRT detected and successfully removed conficker_c with a reboot.

I've also altered my domain policy to not allow "autorun".

From what I gather, according to Microsoft I should now be protected from Conficker.  Yet within a couple of hours, Conficker_C returns and slams my netsvcs process.  I'm currently using process explorer to isolate the offending thread and suspend it.

This is an RDP Server so I'm guessing the virus may coming in from a remote client, but this is merely a guess.

My question is:  How can I truly, and effectively patch against Conficker_C on W2K3 SP2 w/MS08-067 already applied?
[+][-]11/03/09 01:39 PM, ID: 25734085Expert Comment

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 30-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]11/03/09 01:45 PM, ID: 25734150Author Comment

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 30-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]11/05/09 01:44 AM, ID: 25747907Expert Comment

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 30-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]11/05/09 05:12 AM, ID: 25749006Author Comment

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 30-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]11/06/09 02:36 PM, ID: 25763690Expert Comment

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 30-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]11/11/09 07:30 AM, ID: 25795822Author Comment

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 30-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]11/13/09 11:55 AM, ID: 25817159Author Comment

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 30-day free trial to view this Author Comment or ask the Experts your question.

 
 
Loading Advertisement...
20091021-EE-VQP-81 - Hierarchy / EE_QW_3_20080625