Start Free TrialLog in
Avatar of Stuart Oram
Stuart OramFlag for United Kingdom of Great Britain and Northern Ireland

asked on 

W32.Downadup

Various machines infected with W32.Downadup (seems to have spread over network). SAV10 is deleting instances of the files it finds, but they keep reappearing, so the root cause is still around. Run Malwarebytes Anti-Malware as suggested on another thread & it has found machine to be clean. Followed Symantec's removal instructions & Used a F-Secure removal tool that didn't find any instances.

Firewalls indicating the malware isn't trying to make any outbound connections, so am OK in that sense at the moment, but would like to find & remove root cause. Any ideas?

I've used SAV10, Windows Defender, Malwarebytes, Ad-Aware......
Windows Server 2003Vulnerabilities
Avatar of undefined
Last Comment
VINOD MORE
ASKER CERTIFIED SOLUTION
Avatar of Darius Ghassem
Darius Ghassem
Flag of United States of America image
Blurred text
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
Avatar of Darius Ghassem
Darius Ghassem
Flag of United States of America image
Here is the update for the machines to patch the issue with the code.

http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx
Avatar of Stuart Oram
Stuart Oram
Flag of United Kingdom of Great Britain and Northern Ireland image

ASKER

Thanks I've applied the patch...taking a look at the link now & will post back..
Avatar of Darius Ghassem
Darius Ghassem
Flag of United States of America image
How is everything going?
Avatar of Stuart Oram
Stuart Oram
Flag of United Kingdom of Great Britain and Northern Ireland image

ASKER

Seems to have cleared from server and one client but remains on two otherclients...
Windows Server 2003
Windows Server 2003

Windows Server 2003 was based on Windows XP and was released in four editions: Web, Standard, Enterprise and Datacenter. It also had derivative versions for clusters, storage and Microsoft’s Small Business Server. Important upgrades included integrating Internet Information Services (IIS), improvements to Active Directory (AD) and Group Policy (GP), and the migration to Automated System Recovery (ASR).

129K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
Ask the experts

  • "Invaluable tool for our organization"

    Josh Regalski

  • "Your help has saved me hundreds of hours of internet surfing."

    @fblack61

  • "Just a dang good service!"

    @golferski

  • "Worth every penny."

    Steve Hougom

  • "It’s been a life saver."

    Maria Halt

  • "Best support site I’ve seen!"

    Bob Schneider

  • "I would be lost without them."

    @fblack61

  • "Saved my job multiple times."

    Walt Forbes

  • "I love this site."

    Maria Duwe

  • "Friendly respectful help."

    Andrew Kowtalo

  • "Such top-notch experts."

    @magento

  • "The best money I have ever spent."

    @rwheeler23

  • "Beyond any comprehensible value"

    George Morris

  • "Invaluable tool for our organization"

    Josh Regalski

Read over 600 more reviews

TRUSTED BY

IBM logoIntel logoMicrosoft logoUbisoft logoSAP logo
Qualcomm logoCitrix Systems logoWorkday logoErnst & Young logo
High performer badgeUsers love us badge
LinkedIn logoFacebook logoX logoInstagram logoTikTok logoYouTube logo
© 1996-2023 Experts Exchange, LLC. All rights reserved. Covered by US Patent