BitDefender Antivirus

BitDefender Security for Exchange  




 Windows network services might be stopped after Downadup removal process
Sometimes, after running the Win32.Worm.Downadup removal tool, you might find that you are unable to:

a) Access your network computers, printers and shares;
b) See a list of computers from your network;
c) Register and update your IP address;
d) Automatically configure your wireless adapter.



 BitDefender releases the Downadup removal tool
Short description of the Downadup/Conficker/Kido behaviour:

1. It creates the files autorun.inf and RECYCLED\{SID<....>}\RANDOM_NAME.vmx on removable drives and on public network shares.

2. It stores itself in the system as a DLL file with a random name in c:\windows\system32\

3. It registers itself in system services with a random name, creating the following service:

Name: netsvcs

ImagePath: %SystemRoot%\\system32\\svchost.exe -k netsvcs

Then the worm creates the following registry entry:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\netsvcs\Parameters\"ServiceDll" = "[PathToWorm]"

4. The worm deletes any user-created System Restore points.

5. It tries to attack network computers via random ports, using the Microsoft Windows vulnerability MS08-067. The worm then creates an HTTP server on the compromised computer on a random port, for example:

http://[EXTERNAL IP ADDRESS OF INFECTED MACHINE]:[RANDOM PORT]

6. Upon successful exploitation, the other computer connects to this URL and downloads the worm, spreading the infection.

7. Downadup then contacts several domains and tries to download additional files onto the compromised computer.



 Exchange2007 specially crafted email patch
A flaw in how the BitDefender antivirus scanner component scans specially crafted emails could make it possible for an infected file not to be recognized.

 Asking for assistance
Note: this article only describes how to collect the troubleshooting information for the BitDefender for Windows Servers products. For the tools needed to gather information from the BitDefender Management Server please use this article.

Please run the BitDefender Support tool available here on your server to gather the needed information when contacting the support department.

 Manually updating BitDefender for Servers V3 using cumulative.zip
Describes a manual update method when BitDefender's update servers are unavailable, or the server is disconnected from the Internet.

 How to obtain a product's exact version
This article aims to describe the proper way to obtain the exact version of a BitDefender Business product.
