Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

How to determine where the infection came from


  • Please log in to reply
2 replies to this topic

#1 PandaBear20202

PandaBear20202

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:08:13 AM

Posted 20 January 2010 - 03:49 PM

Hello all,

does anyone have any idea of how to find out the source of a virus? like on a private network? a few of my coworkers keep getting hit with the conficker and my anti-virus program tells me that it has detected and stoped threats while i was logged out. i am using Symantec Endpoint. Any help would be greatful.

--thanks

BC AdBot (Login to Remove)

 


#2 RJ350z

RJ350z

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:11:13 AM

Posted 21 January 2010 - 08:24 AM

You can try checking logs from your security software. It should show network attack attemtpts with recorded IP adresses.

#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,942 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:13 AM

Posted 21 January 2010 - 08:34 AM

IMPORTANT NOTE: Are these all work computers? If so, have you contacted and advised your IT Department? In most work environments, the IT staff implement specific policies and procedures for the use of computer equipment and related resources. In fact, many companies will require you to read those policies and sign a statement of understanding. These official procedures are designed and implemented to provide security and certain restrictions to protect the network. This allows all users to safely use business resources with minimum risk of malware infection, illegal software, and exposure to inappropriate Internet sites or other prohibited activity. We will not assist with attempts to circumvent those policies or security measures.

Our forums are set up to help the home computer user deal with issues and questions relating to personal computers. We are not equipped to involve ourselves in any legal issues that may arise due to loss of business data and loss of revenue as a result of malware infection or the disinfection process which in some instances require reformatting and reinstallation of the operating system.

A business IT staff generally has established procedures in place to deal with issues and infections on client machines on the network. As such, they may not approve of employees seeking help at an online forum or outside the business office as doing so could interfere or cause problems with their removal methods. Further, the malware you are dealing with may have infected the network. If that's the case, the IT Department needs to be advised right away so they can take the appropriate measures.

With that said you and your co-workers can at least learn how to protect your system from the Conficker/Downadup Worm infection by reading these articles:
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users