Solved

Remove Confiker Permanently from the Network

Posted on 2011-02-25
10
653 Views
Last Modified: 2012-05-11
My network has confiker virus. Both the servers and workstations are protected with Bitdefender Network Antivirus suite. All the workstations always show virus alerts of different flavours of Win32.Worm.Downadup being blocked or deleted. The Workstations run Windows XP and the servers run Win2k3 & Win2k8 R2. How do I permanently remove this virus permanently from my network
0
Comment
Question by:uc4me
  • 3
  • 2
  • 2
  • +1
10 Comments
 
LVL 38

Assisted Solution

by:younghv
younghv earned 200 total points
Comment Utility
McAfee "Stinger" has been successful in removing this - and does all of the network corrections for you.

http://us.mcafee.com/virusInfo/default.asp?id=stinger
0
 
LVL 8

Expert Comment

by:sharkbot221984
Comment Utility
I'd also suggest updating/patching everything as well.  When conficker first came out, only a few of my unpatched servers had this problem, removing the virus (I think I used the Symantec tool) and patching the server took care of it.
0
 
LVL 8

Accepted Solution

by:
sharkbot221984 earned 300 total points
Comment Utility
0
 
LVL 29

Expert Comment

by:Sudeep Sharma
Comment Utility
As you mentioned that you are running "Bitdefender Network Antivirus suite" then you might have some sort of reporting where you could check the source of the infection.

I would recommend to get the infection source, isolate them, patch them and clean them

Once that is done then only bring them to network.

Sudeep
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 38

Expert Comment

by:younghv
Comment Utility
@SSharma,
Two of us have posted "targeted advice" to help solve this problem.
Your generic post offers nothing in the way of additional advice.
0
 

Author Comment

by:uc4me
Comment Utility
I've ran the SCS tool on all the systems and it only detected downadup on one system which was cleaned. However, I've updated the systems but the bitdefender anti-virus on the systems still pops up at different times showing the downadup virus had been blocked and deleted. I just need to wipe it off entirely from my network.
0
 
LVL 29

Expert Comment

by:Sudeep Sharma
Comment Utility
@uc4me

When Bitdefender pops up, do you anything in the Event Viewer related to Bitdefender which has source IP of the machine which is been blocked?

Sudeep
0
 

Author Comment

by:uc4me
Comment Utility
This question should not be closed as some of the ideas given by the contributors helped in solving the problem
0
 

Author Closing Comment

by:uc4me
Comment Utility
The ideas given were good
0

Featured Post

Zoho SalesIQ

Hassle-free live chat software re-imagined for business growth. 2 users, always free.

Join & Write a Comment

Managing 24/7 IT Operations is a hands-on job and indeed a difficult one. Over the years I have found some simple tips and techniques to increase the efficiency of the overall operations. The core concept has always been on continuous improvement; a…
There are many reasons malware will stay around and continue to grow as a business.  The biggest reason is the expanding customer base.  More than 40% of people who are infected with ransomware, pay the ransom.  That makes ransomware a multi-million…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

7 Experts available now in Live!

Get 1:1 Help Now