Virus killing network.. please help...

I need help bigtime. Seems like we got a virus and it spread all over the network. Infected about 7 machines. We actually reformatted one machine to get the virus off and as soon as we connected to our network, it was infected again. I ran multiple scanners on the machine.. norton, sophos... but it doesn't go away and it seems to make my machines lose connectivity. What do i do? Do i have to disconnect everything from the network and re-format everything?!?!?! There has to be something. The virus found is w32/Delbot-AO and Mal/Delque-A. Please help.. thanx all

Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

rpggamergirlConnect With a Mentor Commented:
This will get rid of the infection, but you need to isolate each machines till they're all clean to avoid re-infection.
Download SDFix and save it to your desktop.

Double click SDFix.exe and it will extract the files to %systemdrive%
(Drive that contains the Windows Directory, typically C:\SDFix)

Please then reboot your computer in Safe Mode by doing the following :

* Restart your computer
* After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
*  Instead of Windows loading as normal, a menu with options should appear;
*  Select the first option, to run Windows in Safe Mode, then press "Enter".
*  Choose your usual account.

*  Open the extracted folder and double click "RunThis.bat" to start the script.
*  Type "Y" to begin the script.
*  It will remove the Trojan Services then make some repairs to the registry and prompt you to press any key to Reboot.
*  Press any Key and it will restart the PC.
*  Your system will take longer that normal to restart as the fixtool will be running and removing files.
*  When the desktop loads the Fixtool will complete the removal and display "Finished", then press any key to end the script and load your desktop icons.
*  Finally open the SDFix folder on your desktop and copy and paste the contents of the results file "Report.txt" back

Also run this tool, it removes most common infections and will give you a report which can be analyze for any leftover nasties.

Download ComboFix to your Desktop, from either of these locations:

Double click "combofix.exe" and follow the prompts.
When finished, it shall produce a log for you.
Post that log and a HiJackthis log in your next reply

Note: Do not mouseclick combofix's window while its running. That may cause it to stall
engineroomAuthor Commented:
Thanx for the information. I will give it a try. Unfortunately the second link doesn't seem to work. Any other links?
Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

You mean Combofix links don't work?
that's strange, it works for me, it's a direct download.
engineroomAuthor Commented:
Thanx for all your help!
No problem.

Thank you!
All Courses

From novice to tech pro — start learning today.