W32.Downadup.B Virus
Hello Experts Exchange,
I know you prolly have seen this virus elsewhere, but I tried all given methods here at my workplace and none of them seem to work..
The following has been done:
Scan with malwarebytes.org (Found none)
Scan with avast boot scan (Found none)
Disconnect before scanning while scanning
Used Symantec patch method
Used Windows patch method after system update..
Fsecure method
Has anyone have any other tools to get rid of this
Regards,
Mark
I know you prolly have seen this virus elsewhere, but I tried all given methods here at my workplace and none of them seem to work..
The following has been done:
Scan with malwarebytes.org (Found none)
Scan with avast boot scan (Found none)
Disconnect before scanning while scanning
Used Symantec patch method
Used Windows patch method after system update..
Fsecure method
Has anyone have any other tools to get rid of this
Regards,
Mark
ASKER
Will try it..
Anymore takers on solutions?
THanks
Anymore takers on solutions?
THanks
have you tried all of the above in safe mode?
How many machines affected?
Try these on all
Run TdssKiller and Hitmanpro.
http://support.kaspersky.com/viruses/solutions?qid=208280684
http://www.surfright.nl/en/hitmanpro
Try these on all
Run TdssKiller and Hitmanpro.
http://support.kaspersky.com/viruses/solutions?qid=208280684
http://www.surfright.nl/en/hitmanpro
ASKER
Yes tried all albove in safe mode @wolf camel
Optoma: 10 so far we have 150+ users
Optoma: 10 so far we have 150+ users
Also have a look at this so
http://support.microsoft.com/kb/962007
http://support.microsoft.com/kb/962007
Hi,
This is one of the variant of famous conflicker worm which is network aware worm and take advantage of weak password of network share to propagate itself. Here are more details of the worm.
http://www.threatexpert.com/report.aspx?md5=9c46856775293f06d24ea56a6890e74f
http://www.threatexpert.com/report.aspx?md5=cb62878451b7269e072c99d5064190c5
http://www.threatexpert.com/report.aspx?md5=bd32a20b242fc818477050440fee40f6
One should have good password policy and strong password on network share as well.
Sudeep
This is one of the variant of famous conflicker worm which is network aware worm and take advantage of weak password of network share to propagate itself. Here are more details of the worm.
http://www.threatexpert.com/report.aspx?md5=9c46856775293f06d24ea56a6890e74f
http://www.threatexpert.com/report.aspx?md5=cb62878451b7269e072c99d5064190c5
http://www.threatexpert.com/report.aspx?md5=bd32a20b242fc818477050440fee40f6
One should have good password policy and strong password on network share as well.
Sudeep
ASKER
Tried the top 4.. None of it works
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Will try your method, madunix.
ASKER
@Madunix
Tried creating a rescue cd via kaspersky but each time it is loaded the beeping noise persist. But when we tried booting another cd it goes in very well..
It cannot be our mother board, neither the optical drive because it loaded successfully when using another boot cd..
Can it be the virus knows of this rescue disk?
Tried creating a rescue cd via kaspersky but each time it is loaded the beeping noise persist. But when we tried booting another cd it goes in very well..
It cannot be our mother board, neither the optical drive because it loaded successfully when using another boot cd..
Can it be the virus knows of this rescue disk?
try avira http://www.free-av.com/en/products/12/avira_antivir_rescue_system.html
and let me know if you still have the same issue.
and let me know if you still have the same issue.
ASKER
Okay will try.. the odd thing is that.. It only beeps when its a newly installed system or un infected OS.. I
ASKER
I mean.. when it is a infected system..
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
http://windowsprotection.net/how-to-remove-w32downadupb-worm-w32downadupb-removal-guide/