Link to home
Start Free TrialLog in
Avatar of jmicorp
jmicorpFlag for United States of America

asked on

Infection W32.downadup.B, others? Network reinfecting itself.

I have a windows domain with 2 domain controllers and 3 member servers. W32.downadup.b has made its rounds, damaging one of the member servers. It has restricted access to DNS strings (ie: will not resolve in any browser, even browsers installed after the event) adaware, spybot, and symantec AV 1-22-09 find no events. Anyone got any solutions/suggestions to check for modified settings? lmhosts/hosts are empty.
Avatar of rpggamergirl
Flag of Australia image

Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of jmicorp


i did figure it out for myself but i'll give you points for being correct.

google for "W32.downadup tool" and the first link from symantec will provide a proper functional tool for 3 variants; ., .A, and .B

Avatar of jmicorp


My notes provide an extra insight into repair of this annoyance.