Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Entire network infected by something please help

  • Please log in to reply
1 reply to this topic

#1 shawnkh2003


  • Members
  • 2 posts
  • Local time:01:20 PM

Posted 06 January 2010 - 01:09 PM

We have several computers in our office. A few servers. Operating systems: Windows XP, Vista, 2000, server 2003, server 2008. Someone clicked on a malicious file last week and I though it was just an isolated incidence. It was a windows xp computer. We have mcafee enterprise on all of the computers but that didn't help. I used combo fix and malwarebytes to clean the inital computer that was infected. After a few days another computer had a virus, I did the same thing. That entire network became infected and it spread to another one. I am not sure how the servers are doing I can't run combo fix on them but malwarebytes ran and returns nothing. Here are some of the bad files combofix has been finding and deleting:
qmgr0.dat, qmgr1.dat, avdrn.dat, patchw32.dll, pw32a.dll, autorun. inf. Also on some computers are .scr files in the system32 directory and cafmg.exe in the windows system drivers directoy.

I have went to every computer and run combofix and malwarebytes and unshared them from the network. THe network got a little better but it is still too slow to work. Can't connect to some computers. We also have a seperate network that can't see the internet, but a few computers had connections to both networks and the virus has spread to those comptuers and servers too. Any help would be appreciated thanks.

One more note certain services like active directory, rfc locator and net logon have either stopped or act up on the servers.

BC AdBot (Login to Remove)


#2 garmanma


    Computer Masochist

  • Members
  • 27,809 posts
  • Gender:Male
  • Location:Cleveland, Ohio
  • Local time:03:20 PM

Posted 06 January 2010 - 06:28 PM

Because this is a business environment, with many computers, time is of the essence It is recommended the you contact a local IT service
Posted Image
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users