Solved

win32/qakbot

Posted on 2010-11-18
13
863 Views
Last Modified: 2013-12-06
We are running CA antivirus and keep getting the win32/qakbot trojan. CA finds it and removes it but it keeps coming back. I see there was already a post or two about this from last year but I was hoping there was something out there easier to do to prevent our servers and computers from continually getting infected. CA isn't getting back to me for 2 more hours.
I have run malwarebytes which again removes it but it keeps coming back.
0
Comment
Question by:jtano
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 3
  • 2
  • +1
13 Comments
 
LVL 7

Expert Comment

by:myhc
ID: 34168734
Purchase something better. Like Norton (that's a no from me) or McAfee (ah, much better)

0
 

Author Comment

by:jtano
ID: 34168797
Yes, we are in the process of purchasing kapersky but that is not going to help us at the moment.
0
 
LVL 25

Expert Comment

by:madunix
ID: 34168930
get ESET  http://www.eset.com
0
Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

 

Author Comment

by:jtano
ID: 34170198
So this trial will keep the virus away or will it be like malware bytes find it get rid of it then it comes back again. Which is what CA does.  
0
 
LVL 22

Expert Comment

by:optoma
ID: 34172943
Try Hitmanpro on your machines. Scans quick and can be effective. Not a replacment for your resident AV. Personally, i like Eset but they all are gonna miss/let something by these days.
http://www.surfright.nl/en/hitmanpro
0
 
LVL 25

Expert Comment

by:madunix
ID: 34173046
0
 

Author Comment

by:jtano
ID: 34179944
The trial for ESET says it doesn't work for server 2000 and I did download the 32 bit one.
None of these seem to be keeping the virus away.  The comodo one requires sql express, which I can't put on this server. Any other ideas to get rid of this win32\qakbot that is infecting all of our computers. and servers. Thanks
0
 

Author Comment

by:jtano
ID: 34179948
It also says comodo is for 2003 and up
0
 
LVL 25

Expert Comment

by:madunix
ID: 34180022
Use one the rescue CD to boot from it in the link
http://www.techmixer.com/free-bootable-antivirus-rescue-cds-download-list/
for example http://www.techmixer.com/kaspersky-rescue-disk-load-kaspersky-antivirus-2009-using-dos/  Just download the iso, burn it to a cd boot from it and remove all malware / rootkits as long as they are inactive on the windows partition.

Boot-able anti virus Rescue CD method consider as the most effective way to remove the virus, trojan and malware because it track down some viruses, trojans and other malware are embedded so tightly into your operating system that when you boot Windows the normal way. Mostly virus is also loaded and cannot be detected or removed by antivirus software  running in that system. In such a case, booting antivirus rescue CD under clean environment can increase chances to track down virus easily which there no interfere from any windows OS services.
0
 
LVL 22

Expert Comment

by:optoma
ID: 34180106
Hitman gives an error on running ?
0
 

Author Comment

by:jtano
ID: 34181621
I was afraid to try hitman on these particular servers since everything kept crashing them. I wanted something that would keep it off and was an antivirus. Anyway I found a version of kapersky that would go on the servers and not crash them and found the trojan and so far has appeared to keep if off
0
 

Accepted Solution

by:
jtano earned 0 total points
ID: 34443245
Found we had to make sure everyones CA was updated and had to run a whole scan on all and used Kapersky on server 2000. Nothing was simple it took days to fix it.
0
 

Author Closing Comment

by:jtano
ID: 34463306
I was looking for something simple,,,turns out there isn't anything.
0

Featured Post

SharePoint Admin?

Enable Your Employees To Focus On The Core With Intuitive Onscreen Guidance That is With You At The Moment of Need.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Provide an easy one stop to quickly get the relevant information on common asked question on Ransomware in Expert Exchange.
An introduction to the wonderful sport of Scam Baiting.  Learn how to help fight scammers by beating them at their own game. This great pass time helps the world, while providing an endless source of entertainment. Enjoy!
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

635 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question