Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Need urgent assistance with Hakertool.hidewindow spyware virus

Posted on 2010-01-13
8
Medium Priority
?
578 Views
Last Modified: 2013-12-09
Hi Guys

I am having this problem with a virus that keep popping up overtime we restart a server...
This "Hakertool.hidewindow virus keeps reappearing after reboot, all our antivirus client are from "Symantec" which does recognize the virus and quarantine\remove it but when we restart the server it pops up again. We have almost 100 servers with that virus in an isolated network environment.
My question is - how do i get rid of this nuisance? I have tried numerous antivirus application and even SpyDoctor and they remove the virus until I restart the server...
How do I clean this network environment?




0
Comment
Question by:marmoor99
  • 4
  • 3
8 Comments
 
LVL 8

Accepted Solution

by:
Jon500 earned 800 total points
ID: 26302227
Please try a PC-Magazine endorsed scanner at www.prevx.com to see if it recognizes this particular threat/infection. There is a free lightweight and trustworthy scanner you can download. Others will undoubtedly chime in with other recommendations--and you may in fact need to try several scanners until one recognizes and can cleanse your system of this particular virus.

Also, www.spybot.com (a totally free scanner and fixer) keeps on top of most Spyware infections, so you may want to try that too.

Regards,
Jon
0
 

Author Comment

by:marmoor99
ID: 26302280
Is there a free spayware application which does not require installation?
I am not allowed to install anything on those infected servers....
0
 
LVL 8

Assisted Solution

by:Jon500
Jon500 earned 800 total points
ID: 26302367
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 

Author Comment

by:marmoor99
ID: 26302375
That is the first thing I tried...did not work.
Symantec did not recognize the virus in SafeMode scan
0
 
LVL 8

Assisted Solution

by:Jon500
Jon500 earned 800 total points
ID: 26302426
OK--it was not clear whether you had done a safe-mode scan.

May I ask how you know you have the "hacktool.hidewindow" infection if your scanner is not identifying it?
0
 

Author Comment

by:marmoor99
ID: 26302451
It does not recognize this virus when scanning in SafeMode...but it does in regular mode
0
 
LVL 8

Assisted Solution

by:Jon500
Jon500 earned 800 total points
ID: 26302517
I'm sorry but you have few good options other than perhaps a manual removal tool. Because the registry is involved in this particular infection, it is unlikely that you will have success running a cleaning tool from another computer--especially considering the security constraints of your network environment.

Here are manual removal instructions that may or may not apply to your particular infection (if you determine that you have such files as winhelper.exe and win32.exe on your system then it's a good chance these instructions will help you). Obviously, it is going to be difficult for you to carry out these instructions on 100 pr so servers.

http://www.exterminate-it.com/malpedia/remove-hidewindow

I wonder if you can try to re-scan with Safe Mode WITH NETWORKING. Perhaps you had chosen only Safe Mode (without networking)?

Regards,
Jon
0
 
LVL 22

Assisted Solution

by:optoma
optoma earned 200 total points
ID: 26304411
Scan with Eset Online Scanner
http://www.eset.com/onlinescan/scanner.php?i_agree=14

Uncheck "remove found threats" for now
Check "scan archives"

Advanced settings:
Have all three boxes checked

Attach its logfile here after:
C:\Program Files\ESET\ESET Online Scanner\log.txt
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many people tend to confuse the function of a virus with the one of adware, this misunderstanding of the basic of what each software is and how it operates causes users and organizations to take the wrong security measures that would protect them ag…
What monsters are hiding in your child's room? In this article I will share with you a tech horror story that could happen to anyone, along with some tips on how you can prevent it from happening to you.
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Suggested Courses

580 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question