Solved

Remove Confiker Permanently from the Network

Posted on 2011-02-25
10
660 Views
Last Modified: 2012-05-11
My network has confiker virus. Both the servers and workstations are protected with Bitdefender Network Antivirus suite. All the workstations always show virus alerts of different flavours of Win32.Worm.Downadup being blocked or deleted. The Workstations run Windows XP and the servers run Win2k3 & Win2k8 R2. How do I permanently remove this virus permanently from my network
0
Comment
Question by:uc4me
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +1
10 Comments
 
LVL 38

Assisted Solution

by:younghv
younghv earned 200 total points
ID: 34979618
McAfee "Stinger" has been successful in removing this - and does all of the network corrections for you.

http://us.mcafee.com/virusInfo/default.asp?id=stinger
0
 
LVL 8

Expert Comment

by:sharkbot221984
ID: 34984922
I'd also suggest updating/patching everything as well.  When conficker first came out, only a few of my unpatched servers had this problem, removing the virus (I think I used the Symantec tool) and patching the server took care of it.
0
 
LVL 8

Accepted Solution

by:
sharkbot221984 earned 300 total points
ID: 34984950
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 30

Expert Comment

by:Sudeep Sharma
ID: 35002760
As you mentioned that you are running "Bitdefender Network Antivirus suite" then you might have some sort of reporting where you could check the source of the infection.

I would recommend to get the infection source, isolate them, patch them and clean them

Once that is done then only bring them to network.

Sudeep
0
 
LVL 38

Expert Comment

by:younghv
ID: 35002899
@SSharma,
Two of us have posted "targeted advice" to help solve this problem.
Your generic post offers nothing in the way of additional advice.
0
 

Author Comment

by:uc4me
ID: 35038702
I've ran the SCS tool on all the systems and it only detected downadup on one system which was cleaned. However, I've updated the systems but the bitdefender anti-virus on the systems still pops up at different times showing the downadup virus had been blocked and deleted. I just need to wipe it off entirely from my network.
0
 
LVL 30

Expert Comment

by:Sudeep Sharma
ID: 35039283
@uc4me

When Bitdefender pops up, do you anything in the Event Viewer related to Bitdefender which has source IP of the machine which is been blocked?

Sudeep
0
 

Author Comment

by:uc4me
ID: 35234321
This question should not be closed as some of the ideas given by the contributors helped in solving the problem
0
 

Author Closing Comment

by:uc4me
ID: 35234370
The ideas given were good
0

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
If you are looking at this article, you have most likely been hit by some version of ransomware and are trying to find out if there is anything you can do, or what way you should react - READ ON!
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

732 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question