Solved

Masive Virus attack has left server inaccessible

Posted on 2006-07-21
5
199 Views
Last Modified: 2010-04-18
Hello all,
  I recently was asked to look into why a Windows Server Standard Edition 2003 would not complete the logon process.  After a few questions about leading up to this situation is I was told that they were infected by at least 75 downloader and trojan type viruses.  I was able to load Norton AV 10. and clean most of them however I got stuck with the userinit.exe failed to load.  I followed several papers pertaining to this fix yet none of them work.  The server would still boot to safe mode however,  was unable to clear userinit.exe issue.  Ran highjackthis and removed several definite issues but after the re-boot still not loading in full mode.  also, now safe mode does not load hangs after login.  Resturant is in a pickle.  I am extremly close to giving up and doing a complete format and rebuild.  Any ideas?
Thanks,
Matt
0
Comment
Question by:Claimtrust
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
5 Comments
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 17158386
try performing a repair install straight off the disk, is replaces all your system files and gives you a clean install without data loss
0
 

Author Comment

by:Claimtrust
ID: 17158449
JAy Jay70,
Thanks for the info, I was already thinking that as well.  Going back tonight at 11:00 and will perfom this task.  Will post results.
0
 

Author Comment

by:Claimtrust
ID: 17160335
Ok All,
  It is now Saturday morning @ 11:00 I just woke up after 3 hours of sleep and after 7 straight hours of battling this Virus attack from you know were. I did  attempt to go with Jay Jay70's suggestion as I also thought of that however, the install could not even detect a previous version of windows installed.  My only choice was to do a complete format and re-instsall of both the 2003 Server OS and the resturant software.  Clients are happy and I was also able to keep there last 4 days of data that they were unable to print because of there issue.

No points are to be awarded and this question needs to be closed.
Thanks,
Claimtrust-Matt
0
 

Accepted Solution

by:
CetusMOD earned 0 total points
ID: 17631260
PAQed with points refunded (500)

CetusMOD
Community Support Moderator
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Organizations create, modify, and maintain huge amounts of data to help their businesses earn money and generally function.  Typically every network user within an organization has a bit of disk space to store in process items and personal files.   …
I've always wanted to allow a user to have a printer no matter where they login. The steps below will show you how to achieve just that. In this Article I'll show how to deploy printers automatically with group policy and then using security fil…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

690 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question