Solved

The endless war on Conficker, need some advice.

Posted on 2009-07-15
4
408 Views
Last Modified: 2013-12-09
When I was hired to a new technology team at my school district, we were faced with a huge task.  This included battling a network that was 100% beat down by variants of the Conficker virus.  Three months into the job, we are making progress, but feel that it is not enough.  After imaging the whole school and ensuring that all workstations and servers are up to date in terms of OS and Symantec EP, we are starting to see attacks rising on our domain controller once again (Failure audits in our security log).  Is anyone else successfully battling this in their district or company?  If so, how?  We are looking to other possible AV solutions, so if anyone has recommendations, please share.  Note that our network is locked down very well.  As of right now, we are still allowing teachers and summer school students to use flash drives.  I am aware that these drives are most likely infected, but theoretically shouldn't SEP pull conficker off the second it is detected??  And with the most current Microsoft patches, why would this cause any issues?
0
Comment
Question by:jsantora83
4 Comments
 
LVL 5

Expert Comment

by:KETTANEH
ID: 24865071
i've installed Kasbersky internet security on the machine in my network  ... all conficker issue gone ..

you should have good antivirus + good firewall (important)
0
 
LVL 7

Assisted Solution

by:vvlada
vvlada earned 100 total points
ID: 24866715
Hi,

You probably have a few machines that has "false" patch and are still infected. Are you sure that you have SEP on ALL machines in the network? Do you use full install package with Network Threat Protection or just antivirus? Are you sure that all machines are updated and scaned?

We have a lot of customers with SEP and 0 problems with Conficker!

Best regards,
Vladimir
0
 
LVL 16

Expert Comment

by:warturtle
ID: 24867297
0
 
LVL 2

Accepted Solution

by:
jsantora83 earned 0 total points
ID: 24898682
We are installed and patched across the whole network.  We have now decided to do a walkthrough of the entire school and sit at each machine individually.
0

Featured Post

Resolve Critical IT Incidents Fast

If your data, services or processes become compromised, your organization can suffer damage in just minutes and how fast you communicate during a major IT incident is everything. Learn how to immediately identify incidents & best practices to resolve them quickly and effectively.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
ransomware and redirected folders 9 105
Av for Windows mobile 3 159
Computer has been hijacked? 13 110
Powershell script reporting 12 46
UPDATE - 6/15/2011 Added support for Release Update 6 Maintenance Patch 2 Point Patch 1 (RU6 MP2 PP1). Fixed a defect in the username field that was hard-coded to look for a specific domain (left over code from testing). This release will be the …
The password reset disk is often mentioned as the best solution to deal with the lost Windows password problem. In Windows 2008, 7, Vista and XP, a password reset disk can be easily created. But besides Windows 7/Vista/XP, Windows Server 2008 and ot…
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question