Solved

Remove Confiker Permanently from the Network

Posted on 2011-02-25
10
657 Views
Last Modified: 2012-05-11
My network has confiker virus. Both the servers and workstations are protected with Bitdefender Network Antivirus suite. All the workstations always show virus alerts of different flavours of Win32.Worm.Downadup being blocked or deleted. The Workstations run Windows XP and the servers run Win2k3 & Win2k8 R2. How do I permanently remove this virus permanently from my network
0
Comment
Question by:uc4me
  • 3
  • 2
  • 2
  • +1
10 Comments
 
LVL 38

Assisted Solution

by:younghv
younghv earned 200 total points
ID: 34979618
McAfee "Stinger" has been successful in removing this - and does all of the network corrections for you.

http://us.mcafee.com/virusInfo/default.asp?id=stinger
0
 
LVL 8

Expert Comment

by:sharkbot221984
ID: 34984922
I'd also suggest updating/patching everything as well.  When conficker first came out, only a few of my unpatched servers had this problem, removing the virus (I think I used the Symantec tool) and patching the server took care of it.
0
 
LVL 8

Accepted Solution

by:
sharkbot221984 earned 300 total points
ID: 34984950
0
Space-Age Communications Transitions to DevOps

ViaSat, a global provider of satellite and wireless communications, securely connects businesses, governments, and organizations to the Internet. Learn how ViaSat’s Network Solutions Engineer, drove the transition from a traditional network support to a DevOps-centric model.

 
LVL 29

Expert Comment

by:Sudeep Sharma
ID: 35002760
As you mentioned that you are running "Bitdefender Network Antivirus suite" then you might have some sort of reporting where you could check the source of the infection.

I would recommend to get the infection source, isolate them, patch them and clean them

Once that is done then only bring them to network.

Sudeep
0
 
LVL 38

Expert Comment

by:younghv
ID: 35002899
@SSharma,
Two of us have posted "targeted advice" to help solve this problem.
Your generic post offers nothing in the way of additional advice.
0
 

Author Comment

by:uc4me
ID: 35038702
I've ran the SCS tool on all the systems and it only detected downadup on one system which was cleaned. However, I've updated the systems but the bitdefender anti-virus on the systems still pops up at different times showing the downadup virus had been blocked and deleted. I just need to wipe it off entirely from my network.
0
 
LVL 29

Expert Comment

by:Sudeep Sharma
ID: 35039283
@uc4me

When Bitdefender pops up, do you anything in the Event Viewer related to Bitdefender which has source IP of the machine which is been blocked?

Sudeep
0
 

Author Comment

by:uc4me
ID: 35234321
This question should not be closed as some of the ideas given by the contributors helped in solving the problem
0
 

Author Closing Comment

by:uc4me
ID: 35234370
The ideas given were good
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
suspending the anti virus 6 140
Norton antivirus 11 87
Foundations Server 7 59
Cisco Policy based routing 2 49
Most PC repair technicians (if not all) always start their cleanup process by emptying the temp folders before running any removal tools. It makes sense because temp folders are common places for malware installers to lurk and removing all the junk …
There are many reasons malware will stay around and continue to grow as a business.  The biggest reason is the expanding customer base.  More than 40% of people who are infected with ransomware, pay the ransom.  That makes ransomware a multi-million…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

837 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question