w32.downadup.B virus

By anjan52 ·
My Antivirus (Symentec) detects this virus and successfully quarantines it. After sometimes it appears again and gives a msg like "quarantine failed". The effected file is winnt/system32/x. Sometimes it shows that the effected file locates in Temporary internet File folder. But actually no file locates there. And it has spread whole LAN.

I tried with Avast as well. no result. Can anybody pls suggest me anything?


This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Answers

Collapse -

Try this and good luck

by Jacky Howe In reply to w32.downadup.B virus

Removal using the W32.Downadup Conficker Removal Tool

Symantec Security Response has developed a removal tool to clean the infections of W32.Downadup. Use this removal tool first, as it is the easiest way to remove this threat.

Virus alert about the Win32/Conficker.B worm

Collapse -

Try starting the system in Safe Mode without Networking

by HAL 9000 Moderator In reply to w32.downadup.B virus

And scan again and this time Delete the Infection.

You will need to repeat this process over the entire LAN.


Collapse -


by Jacky Howe In reply to Try starting the system i ...

or are you certain that you won't get a Thumb.

Collapse -

Log on as Administrator...

by dixon In reply to w32.downadup.B virus Safe Mode, make sure system, hidden, OS files are set as visible, and delete the offending file(s). If you get a permissions error, take ownership and delete. Also, empty everything out of Temporary Internet Files (not via the control panel applet, but by navigating to the actual folder). Next, go to device manager, hit 'Show hidden devices', check 'non plug and play drivers' and make sure you don't see TDSServ listed. If it's there, you'll just be reinfected. Uninstall it and search the hard drive for TDSServ.sys and delete. Scan the registry for TDSServ and delete any keys that reference it. Then update AV and scan. Good luck.

Related Discussions

Related Forums