Learn how to a build a cloud-first strategyRegister Now


Conflicker Worm Removed but Still account lockout

Posted on 2009-04-17
Medium Priority
Last Modified: 2013-12-23
Hi Guru's
We had the confliker worm ..and managed to remove it and install Mcafeee and Windows patches as mentioned. Now we have a strange problem, now and then a computer shows up in the Event viewer with ID 644 and the computer name is not part of our network nor pingable.

This computer keeps locking users from AD and causes grief to us. How is this possible?...and how can we identify the source of this computer...?

Please help...b/c this is causing us downtime.....

Question by:Chemtrade
  • 2
LVL 11

Expert Comment

by:Abhay Pujari
ID: 24167974
I think there is still a threat lying in your network. Shutdown all the machines. Scan servsers first in safe mode. Update them. On one by one machine in safe mode, scan and update. This sounds weired but this can work wonders.
How many systems you have in your network?

Author Comment

ID: 24168020
Thanks..more than 550 computer..so this may a issue
LVL 11

Accepted Solution

Abhay Pujari earned 1000 total points
ID: 24168054
Yes, true. 550 is a large number but to remove worm, you have to go through this pain. There may be some other tricks, I need to search for it though. I had this problem and I spent 3 sleepless nights to resolve this. Fortunately I had only 60 machines and some 20 Laptops.

Featured Post

Upgrade your Question Security!

Add Premium security features to your question to ensure its privacy or anonymity. Learn more about your ability to control Question Security today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Learn about cloud computing and its benefits for small business owners.
Measuring Server's processing rate with a simple powershell command. The differences in processing rate also was recorded in different use-cases, when a server in free and busy states.
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question