Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 866
  • Last Modified:

win32/qakbot

We are running CA antivirus and keep getting the win32/qakbot trojan. CA finds it and removes it but it keeps coming back. I see there was already a post or two about this from last year but I was hoping there was something out there easier to do to prevent our servers and computers from continually getting infected. CA isn't getting back to me for 2 more hours.
I have run malwarebytes which again removes it but it keeps coming back.
0
jtano
Asked:
jtano
  • 7
  • 3
  • 2
  • +1
1 Solution
 
myhcCommented:
Purchase something better. Like Norton (that's a no from me) or McAfee (ah, much better)

0
 
jtanoAuthor Commented:
Yes, we are in the process of purchasing kapersky but that is not going to help us at the moment.
0
 
madunixChief Information Security Officer Commented:
get ESET  http://www.eset.com
0
 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

 
jtanoAuthor Commented:
So this trial will keep the virus away or will it be like malware bytes find it get rid of it then it comes back again. Which is what CA does.  
0
 
optomaCommented:
Try Hitmanpro on your machines. Scans quick and can be effective. Not a replacment for your resident AV. Personally, i like Eset but they all are gonna miss/let something by these days.
http://www.surfright.nl/en/hitmanpro
0
 
madunixChief Information Security Officer Commented:
0
 
jtanoAuthor Commented:
The trial for ESET says it doesn't work for server 2000 and I did download the 32 bit one.
None of these seem to be keeping the virus away.  The comodo one requires sql express, which I can't put on this server. Any other ideas to get rid of this win32\qakbot that is infecting all of our computers. and servers. Thanks
0
 
jtanoAuthor Commented:
It also says comodo is for 2003 and up
0
 
madunixChief Information Security Officer Commented:
Use one the rescue CD to boot from it in the link
http://www.techmixer.com/free-bootable-antivirus-rescue-cds-download-list/
for example http://www.techmixer.com/kaspersky-rescue-disk-load-kaspersky-antivirus-2009-using-dos/  Just download the iso, burn it to a cd boot from it and remove all malware / rootkits as long as they are inactive on the windows partition.

Boot-able anti virus Rescue CD method consider as the most effective way to remove the virus, trojan and malware because it track down some viruses, trojans and other malware are embedded so tightly into your operating system that when you boot Windows the normal way. Mostly virus is also loaded and cannot be detected or removed by antivirus software  running in that system. In such a case, booting antivirus rescue CD under clean environment can increase chances to track down virus easily which there no interfere from any windows OS services.
0
 
optomaCommented:
Hitman gives an error on running ?
0
 
jtanoAuthor Commented:
I was afraid to try hitman on these particular servers since everything kept crashing them. I wanted something that would keep it off and was an antivirus. Anyway I found a version of kapersky that would go on the servers and not crash them and found the trojan and so far has appeared to keep if off
0
 
jtanoAuthor Commented:
Found we had to make sure everyones CA was updated and had to run a whole scan on all and used Kapersky on server 2000. Nothing was simple it took days to fix it.
0
 
jtanoAuthor Commented:
I was looking for something simple,,,turns out there isn't anything.
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

  • 7
  • 3
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now