Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1707
  • Last Modified:

How to find and remove a virus

I have a Windows Server 2003 computer that has a really tough virus infection on it.  How can i learn the name of the virus and fix it?
0
Gary Gordon
Asked:
Gary Gordon
  • 4
  • 2
  • 2
  • +4
1 Solution
 
debuggerauCommented:
to locate the name, a virus detector is needed.
If you don't have a commercial one to use, you can try a trial, or free version.

Trend have a housecall product that should detect and name...
http://housecall.trendmicro.com/au/
0
 
simplyakmCommented:
I think you should use Microsoft Windows Malicious Software Removal Tool, it is free and the best thing is it is from Microsoft.

it runs one time to check your computer for inflection by specific prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps remove any infection it finds. Microsoft releases a new version of the tool every month.

it focuses on the detection and removal of malicious software such as viruses, worms, and Trojan horses only. It does not remove spyware. However, you can use Windows Defender to detect and remove spyware.

for more info
Microsoft Windows Malicious Software Removal Tool
http://www.microsoft.com/security/malwareremove/default.mspx

Windows defender for spywares
http://www.microsoft.com/protect/computer/spyware/default.mspx
0
 
Dhiraj MuthaLevel DCommented:
Have you tried MalwareBytes? If you haven't then try it.
Download Malwarebytes' Anti-Malware to your desktop, check for the tool's Updates before running a scan.
http://www.malwarebytes.org/mbam.php 

If you can't access the above link then use this link:
http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?part=dl-10804572&subj=dl&tag=button 



If problem persists, use combofix and show us the log.
Please download ComboFix by sUBs:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe 

You must download it to and run it from your Desktop
Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
Double click combofix.exe & follow the prompts.
When finished, it will produce a log. Please save that log and attach it in your next reply by pasting it in the "Code Snippet" or "Attach File" window.
Re-enable all the programs that were disabled during the running of ComboFix..

Note:
Do not mouse-click combofix's window while it is running. That may cause it to stall.
CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.


Best Solution: Format and Reinstall the OS. This is always better to do once your system gets effected with a Torjan/Virus/Spyware.
0
The 14th Annual Expert Award Winners

The results are in! Meet the top members of our 2017 Expert Awards. Congratulations to all who qualified!

 
Gary GordonSolution IntegratorAuthor Commented:
I have tried the malware bytes software and that did not work.

Last night I ran HiJackThis and I created a log file which I then posted on BleepingComputer.com.  I haven't heard back from anyone yet.

If you like, I can show you the results of that scan.  Is there a way to send a file here on EE or do I just cut and paste the contents of the text file to the post window?
0
 
arvehovCommented:
If your server is heavily infected, I will recommend you to format the disk(s) and reinstall the OS.
This will save you a lot of trouble, but if you really need the data on the server then you would have to get a proper anti-virus software.
0
 
Dhiraj MuthaLevel DCommented:
Have you run Combofix?
0
 
Gary GordonSolution IntegratorAuthor Commented:
No I haven't.  What is that and where should I get it?
0
 
debuggerauCommented:
you can paste your hijackthis file into http://hijackthis.de for results...

I don't think Combofix works on 2003 server, only XP...

0
 
Dhiraj MuthaLevel DCommented:
See my previous comments.
0
 
Dhiraj MuthaLevel DCommented:
Have you tried MalwareBytes? If you haven't then try it.
Download Malwarebytes' Anti-Malware to your desktop, check for the tool's Updates before running a scan.
http://www.malwarebytes.org/mbam.php 

If you can't access the above link then use this link:
http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?part=dl-10804572&subj=dl&tag=button 



If problem persists, use combofix and show us the log.
Please download ComboFix by sUBs:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe 

You must download it to and run it from your Desktop
Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
Double click combofix.exe & follow the prompts.
When finished, it will produce a log. Please save that log and attach it in your next reply by pasting it in the "Code Snippet" or "Attach File" window.
Re-enable all the programs that were disabled during the running of ComboFix..

Note:
Do not mouse-click combofix's window while it is running. That may cause it to stall.
CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.


Best Solution: Format and Reinstall the OS. This is always better to do once your system gets effected with a Torjan/Virus/Spyware.
0
 
ChiefITCommented:
What leads  you to believe it is a virus. Most viruses are low profile and usually only found out when your antivirus package picks it up.  Maybe a review of the symptoms can lead us to OTHER discrepancies that are really causing your issues.
++++++++++++++++++++++
There are tools to run that helps detect a virus. As already stated, malwarebytes is pretty good. Housecall is another. Here is another called Stinger, from McAfee. It detects many viruses, but not all.

http://vil.nai.com/vil/averttools.aspx

Others are:
Spybot Search and Destroy
Adaware
Kaspersky

++++++++++++++++++++++
To Analize a hijack this log, you can copy and past your log onto this site for analysis. So, there is no need to wait for it being analized:

http://www.hijackthis.de/index.php?langselect=english#anl

+++++

I NEVER recommend going without a commercial brand antivirus package. So, information on your AV package will really help us narrow the possibilities.

0
 
Michael-BestCommented:
Last night I ran HiJackThis and I created a log file which I then posted on BleepingComputer.com.  I haven't heard back from anyone yet.

If you like, I can show you the results of that scan.  Is there a way to send a file here on EE or do I just cut and paste the contents of the text file to the post window?

Yes

Check HDD
Here a link to HDD makers Hard Drive Diagnostics Tools and Utilities
http://www.tacktech.com/display.cfm?ttid=287#samsung
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 4
  • 2
  • 2
  • +4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now