Need advice on killing an unkillable worm

STS · Sep 29, 2009

Our networks have been infected with the Conficker worm, and although every computer has the latest AVG installed, it is still constantly blocking the worm, which is becoming a nuisance to the people having to work on the computers.

I've recently gotten hold of a program that removes the worm from computers, and a patch from Microsoft that fixes the security flaw that allows it to continually attack a computer, but I have more than 100 a computers on our network and it would be tedious to go to everyone and install this patch.

Is there a way to find out which computer/IP address these worms are coming from? If i could narrow it down to the computers sendign the worm out it would make my work much easier, and I can't seem to find any help on Google, unless i'm wording it wrong.

jord@n · Sep 29, 2009

You can download Conficker Detection Tool by Mcafee. It will tell you exactly what pc is infected with conficker.

STS · Sep 29, 2009

i love you

i didn't even know it existed, thank you

roddyp · Sep 29, 2009

LOL.

At first glance, i read "Need advice on killing an unkillable woman"

...\checks himself into therapy...

tco21 · Sep 29, 2009

Your problem lies in the first sentence of the OP. You are using AVG!

lol @ roddyp.

wishblade · Sep 29, 2009

Actually, you going to continually have problems until you ensure all the machines are fully up to date with patches, etc.

See, you may identify the specific machine from which the curent infection is based, but without closing the holes, you are likely to suffer the same issues over and over again.

Trust me, from someone that has studied the worm in detail - I'm willing to bet that you have more than one source in your network, especially since you at least almost a year behind with patches. I'm guessing your network is also home to one or two other nasties, that exploit flaws in Windows to bypass AV detection...

Patch people - the worm is still around.

STS · Sep 29, 2009

tco21 said:
Your problem lies in the first sentence of the OP. You are using AVG!

lol @ roddyp.

AVG has always been good for me, atleast until i started paying for licenses

i have a lot of other strange problems with it, like it refuses to update over a wireless, but this was my only real problem. thanks again

STS · Sep 29, 2009

wishblade said:
Actually, you going to continually have problems until you ensure all the machines are fully up to date with patches, etc.

See, you may identify the specific machine from which the curent infection is based, but without closing the holes, you are likely to suffer the same issues over and over again.

Trust me, from someone that has studied the worm in detail - I'm willing to bet that you have more than one source in your network, especially since you at least almost a year behind with patches. I'm guessing your network is also home to one or two other nasties, that exploit flaws in Windows to bypass AV detection...

Patch people - the worm is still around.

our company actually uses a range of different programs, and i've found that the licensed AVG doesn't install on certain machine, which means we have to resort to using the free installation, even tho we have more than 300 licenses. but even the free AVG seems up to date, so it's a real wonder how it only infected the 2 machines that i've picked up on the scan.

i'm going to see if they continue to get messages and warnings, but i think this is the end of the worm for now

spiderz · Sep 29, 2009

Switch to linux

STS · Sep 29, 2009

spiderz said:
Switch to linux

while linux has its merits, and we use excellent linux servers, i'd rather have a legion of worms than an Ubuntu operating system

Smooth Criminal · Sep 29, 2009

Yeah because it really is that easy to switch 100 computers to linux and train the users :|

STS · Sep 29, 2009

Smooth Criminal said:
Yeah because it really is that easy to switch 100 computers to linux and train the users :|

linux is good, it's very good, but it's more for technicians, programmers and engineers than it is for secretaries and bosses, and most programs are designed for windows operating systems, especially the programs our company uses. the reason windows has so many flaws is becoz it was made for convenience, and it's this convenience people take advantage of to cause harm

Smooth Criminal · Sep 29, 2009

smalltownsky said:
linux is good, it's very good, but it's more for technicians, programmers and engineers than it is for secretaries and bosses, and most programs are designed for windows operating systems, especially the programs our company uses. the reason windows has so many flaws is becoz it was made for convenience, and it's this convenience people take advantage of to cause harm

Well that's the point - it's not really feasible for average working class folks who are not technically minded.

Having said that, I'd have to disagree slightly with respect to Windows having flaws. All operating systems have flaws, but Windows has been more actively targeted due to it's user base.

We could equate it to a shark - would he rather chase 5 fish, hoping to catch one of them. Or would he go after a large shoal of sardines?

Anyway this is a debate for another day. Hope you come good with the Conficker worm

It was really annoying and difficult to remove when it first came out, but you should have more success now.

kronoSX · Sep 29, 2009

smalltownsky said:
while linux has its merits, and we use excellent linux servers, i'd rather have a legion of worms than an Ubuntu operating system

but you do have them,its there all 100 pc's

STS · Sep 30, 2009

Smooth Criminal said:
Well that's the point - it's not really feasible for average working class folks who are not technically minded.

Having said that, I'd have to disagree slightly with respect to Windows having flaws. All operating systems have flaws, but Windows has been more actively targeted due to it's user base.

We could equate it to a shark - would he rather chase 5 fish, hoping to catch one of them. Or would he go after a large shoal of sardines?

Anyway this is a debate for another day. Hope you come good with the Conficker worm It was really annoying and difficult to remove when it first came out, but you should have more success now.

i did come right, i found that it was a laptop that only occasionally plugged into the network that was sending out the worms, so using the program really helped. i'm use to dealing with most worms, but this one was really REALLy bad

thanks for al lthe support again.

i am a bigger fan of windows(in fact i'm only a fan of windows, and as time goes on even vista when i alter it enough) than any other operating system, but that's probably becoz it's all i've ever really fixed and used. people will always have their own tastes in operating systems, but i've never really understood why Windows gets all the criticism it gets, besides the high prices

Synaesthesia · Sep 30, 2009

but i've never really understood why Windows gets all the criticism it gets, besides the high prices

The fact that it gets unkillable worms!

kronoSX · Sep 30, 2009

Join the MyBroadband community

Get started

Need advice on killing an unkillable worm

STS

Mafia Detective

jord@n

Active Member

STS

Mafia Detective

roddyp

Well-Known Member

tco21

Cynical Grinch

wishblade

Senior Member

STS

Mafia Detective

STS

Mafia Detective

spiderz

Honorary Master

STS

Mafia Detective

Smooth Criminal

Expert Member

STS

Mafia Detective

Smooth Criminal

Expert Member

kronoSX

Honorary Master

STS

Mafia Detective

Synaesthesia

Executive Member

kronoSX

Honorary Master