I made a domain in which there are some client computer with windows xp pro. i have not used antivirus software in domain controller so viruses spread in whole domain. Now please give me any solution to remove viruses without effecting the system.piush@786

Hello, What is happening that you say your DC's are infected? What are the simptoms? How have you verified? Before proceeding, make sure that your DC's are in fact infected. Unless people are surfing from the DC's, installing software or the DC's (and otehr servers) are unpatched, it's unlikely to have servers infected by viruses (but it is possible). 1. First, make a system state backup and backup any data across your dc's and other servers. 2. If the network is relatively small, turn off the client pc's so that if the virus came in through an RPC, DCOM, etc exploits it will not come back before you get a chance to patch the system. 3. Install an AV program on the servers and clean any viruses 4. Immediately update the servers with any critical security patches that are available. 5. Unplug network cables so that the PC's cannot send traffic to the now clean servers or to each other. 6. Turn on 1 PC, and install ANtivirus software and run the AV software until clean 7. Immediately update that PC with all critical security updates 8. Repeat steps 6 and 7 until all PC's are clean Of course if you have a large LAN this method might not be feasible. If that's the case, post back. Miguel Fra / Falcon IT Services Computer & Network Support, Miami, FL Visit our Knowledgebase and Support Sharepoint Site

there are large network so that it is impossible to turn off all pc,s in network and symptoms like when any pc join the domain it is starting hanging and detecting malware and viruses from there awast antiviruse software so please provide me solution for this environment. Thanks in advancepiush@786

I would work after hours so as to isolate the servers. Scan them, fix them if necessary then patch them. Once they are patched, turn on the server firewall (if its off) to only allow ports that are necessary for the server type. Next, look into enterprise class managed AV. I am not familiar with avast, but you may want to call the company and check to see if you can centrally manage the avast a/v client. If so, make sure that the client policy "locks down" client pc's that have been infected and keeps them in lock down until the av scanner updates, runs and cleans each pc. If you want less generic information, please provide a network topology because I don't even know what OS you are running on the servers and clients. Be specific please. After you fix these problems, find out how you got into this mess in the first place. Having multiple pc's in a domain all getting infected tells me you may need to look over your policies.Miguel Fra / Falcon IT Services Computer & Network Support, Miami, FL Visit our Knowledgebase and Support Sharepoint Site

Hi, I understand your current situations. However, generally speaking, Microsoft recommend that you perform a reinstallation or restore the computer from a previous backup if you have virus on your computers. By the way, I would also like to suggest that you call Microsoft PC Safety telephone number, 1-866-727-2338 (1-866-PCSAFETY). This service offers no-charge assistance for virus-related issues or questions. Also, you can check Microsoft Security and Privacy Web site at: http://www.microsoft.com/security/ This Web site offers various articles, updates, tips and tricks, and resources to protect both home and business computers from virus infection or attacks. http://blogs.msdn.com/securitytipstalk/archive/2007/07/20/who-you-gonna-call.aspx Best Regards, Vincent Hu

Hello, I agree with Vincent about platform re-installation. Although time consuming, it's the only way to guarantee that your system is 100% clean. MiguelMiguel Fra / Falcon IT Services Computer & Network Support, Miami, FL Visit our Knowledgebase and Support Sharepoint Site