Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 806
  • Last Modified:

W32.Downadup.B Virus

Hello Experts Exchange,

I know you prolly have seen this virus elsewhere, but I tried all given methods here at my workplace and none of them seem to work..

The following has been done:

Scan with malwarebytes.org (Found none)
Scan with avast boot scan (Found none)
Disconnect before scanning while scanning
Used Symantec patch method
Used Windows patch method after system update..
Fsecure method

Has anyone have any other tools to get rid of this

Regards,
Mark
0
camad3
Asked:
camad3
  • 8
  • 2
  • 2
  • +3
2 Solutions
 
NarendraGCommented:
0
 
camad3Author Commented:
Will try it..

Anymore takers on solutions?

THanks
0
 
wolfcamelCommented:
have you tried all of the above in safe mode?
0
Lessons on Wi-Fi & Recommendations on KRACK

Simplicity and security can be a difficult  balance for any business to tackle. Join us on December 6th for a look at your company's biggest security gap. We will also address the most recent attack, "KRACK" and provide recommendations on how to secure your Wi-Fi network today!

 
optomaCommented:
How many machines affected?
Try these on all
Run TdssKiller and Hitmanpro.
http://support.kaspersky.com/viruses/solutions?qid=208280684
http://www.surfright.nl/en/hitmanpro
0
 
camad3Author Commented:
Yes tried all albove in safe mode @wolf camel

Optoma: 10 so far we have 150+ users
0
 
optomaCommented:
Also have a look at this so
http://support.microsoft.com/kb/962007
0
 
Sudeep SharmaTechnical DesignerCommented:
Hi,

This is one of the variant of famous conflicker worm which is network aware worm and take advantage of weak password of network share to propagate itself. Here are more details of the worm.

http://www.threatexpert.com/report.aspx?md5=9c46856775293f06d24ea56a6890e74f
http://www.threatexpert.com/report.aspx?md5=cb62878451b7269e072c99d5064190c5
http://www.threatexpert.com/report.aspx?md5=bd32a20b242fc818477050440fee40f6

One should have good password policy and strong password on network share as well.

Sudeep
0
 
camad3Author Commented:
Tried the top 4.. None of it works
0
 
madunixChief Information Security Officer Commented:
check this link
https://secure.sophos.com/products/free-tools/conficker-removal-tool/download
its a standalone version, many good tools exist now.  i would check also the link to the Conficker Work group is http://www.confickerworkinggroup.org/wiki/
keep in mind to use frequently  Bootable antivirus Rescue CD
http://www.techmixer.com/free-bootable-antivirus-rescue-cds-download-list/
Boot-able anti virus Rescue CD method consider as the most effective way to remove the virus, trojan and malware because it track down some viruses, trojans and other malware are embedded so tightly into your operating system that when you boot Windows the normal way. Mostly virus is also loaded and cannot be detected or removed by antivirus software  running in that system. In such a case, booting antivirus rescue CD under clean environment can increase chances to track down virus easily which there no interfere from any windows OS services.
0
 
camad3Author Commented:
Will try your method, madunix.
0
 
camad3Author Commented:
@Madunix

Tried creating a rescue cd via kaspersky but each time it is loaded the beeping noise persist. But when we tried booting another cd it goes in very well..

It cannot be our mother board, neither the optical drive because it loaded successfully when using another boot cd..

Can it be the virus knows of this rescue disk?

0
 
madunixChief Information Security Officer Commented:
try avira http://www.free-av.com/en/products/12/avira_antivir_rescue_system.html
and let me know if you still have the same issue.
0
 
camad3Author Commented:
Okay will try.. the odd thing is that.. It only beeps when its a newly installed system or un infected OS.. I
0
 
camad3Author Commented:
I mean.. when it is a infected system..
0
 
camad3Author Commented:
Nothing is working so far.. Asides do i do a reformat? I read in an article that it spreads rapidly at 100x an hour rate.. and it switches name from each time its deleted
0

Featured Post

Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as high-speed processing of the cloud.

  • 8
  • 2
  • 2
  • +3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now