Solved

Remove Confiker Permanently from the Network

Posted on 2011-02-25
10
661 Views
Last Modified: 2012-05-11
My network has confiker virus. Both the servers and workstations are protected with Bitdefender Network Antivirus suite. All the workstations always show virus alerts of different flavours of Win32.Worm.Downadup being blocked or deleted. The Workstations run Windows XP and the servers run Win2k3 & Win2k8 R2. How do I permanently remove this virus permanently from my network
0
Comment
Question by:uc4me
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +1
10 Comments
 
LVL 38

Assisted Solution

by:younghv
younghv earned 200 total points
ID: 34979618
McAfee "Stinger" has been successful in removing this - and does all of the network corrections for you.

http://us.mcafee.com/virusInfo/default.asp?id=stinger
0
 
LVL 8

Expert Comment

by:sharkbot221984
ID: 34984922
I'd also suggest updating/patching everything as well.  When conficker first came out, only a few of my unpatched servers had this problem, removing the virus (I think I used the Symantec tool) and patching the server took care of it.
0
 
LVL 8

Accepted Solution

by:
sharkbot221984 earned 300 total points
ID: 34984950
0
NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

 
LVL 30

Expert Comment

by:Sudeep Sharma
ID: 35002760
As you mentioned that you are running "Bitdefender Network Antivirus suite" then you might have some sort of reporting where you could check the source of the infection.

I would recommend to get the infection source, isolate them, patch them and clean them

Once that is done then only bring them to network.

Sudeep
0
 
LVL 38

Expert Comment

by:younghv
ID: 35002899
@SSharma,
Two of us have posted "targeted advice" to help solve this problem.
Your generic post offers nothing in the way of additional advice.
0
 

Author Comment

by:uc4me
ID: 35038702
I've ran the SCS tool on all the systems and it only detected downadup on one system which was cleaned. However, I've updated the systems but the bitdefender anti-virus on the systems still pops up at different times showing the downadup virus had been blocked and deleted. I just need to wipe it off entirely from my network.
0
 
LVL 30

Expert Comment

by:Sudeep Sharma
ID: 35039283
@uc4me

When Bitdefender pops up, do you anything in the Event Viewer related to Bitdefender which has source IP of the machine which is been blocked?

Sudeep
0
 

Author Comment

by:uc4me
ID: 35234321
This question should not be closed as some of the ideas given by the contributors helped in solving the problem
0
 

Author Closing Comment

by:uc4me
ID: 35234370
The ideas given were good
0

Featured Post

Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Some of the most commonly posted questions in the "Virus & Malware" Zones are related to the family of rogue malware with the date "2012" somewhere in the title. Examples: XP Antispyware 2012 XP Antivirus 2012 XP Security 2012   XP Home Sec…
Managing 24/7 IT Operations is a hands-on job and indeed a difficult one. Over the years I have found some simple tips and techniques to increase the efficiency of the overall operations. The core concept has always been on continuous improvement; a…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question