Solved

Ultimate Boot CD on a SBS 2003?

Posted on 2011-03-16
Last Modified: 2013-11-22
Hey Experts!!

We've been infected with a Trojan on our SBS 2003.  I was wondering what the best way to go about getting rid of it is? I'd like to use a UBCD for Windows, but not sure if it will work on an SBS 2003 system.  

Any and all recommendations are appreciated!
0
Question by:LZ1
14 Comments
 
LVL 4

Expert Comment

by:CHutchins
ID: 35147521
I've never used the root apps on a server, but you can try ComboFix; it will eliminate just about everything under the sun.
0
 
LVL 30

Author Comment

by:LZ1
ID: 35147887
I just saw that combofix will only run on non-server editions of Windows.
0
 
LVL 26

Expert Comment

by:Thomas Zucker-Scharff
ID: 35148084
@CHutchins the bootcd you refer to contains pirated software and is not referenced on EE.  

@LZ1 If you are looking for a good boot device try creating one with SARDU.  It takes some time for the downloads, but is well worth it.  I haven't used it on the system specified, but have used it on Server 2003 R2.  You need to be very careful using it on any server system though.  See my article on SARDU (version 1.x, 2.x is out now and is much better):

http://www.experts-exchange.com/Storage/Misc/A_3038-Boot-Disks-UBCD-UBCD4Win-and-SARDU.html
0
 
LVL 30

Author Comment

by:LZ1
ID: 35148336
@tzucker: This SARDU seems like a good option.  Hopefully it works on SBS 2003.  

I've never done this on a server system though. Anything in particular I need to be aware of?  

Also, do I need to make the disc from the system it's going to be used on?
0
 
LVL 26

Expert Comment

by:Thomas Zucker-Scharff
ID: 35148479
You can make it on any system (choose one that you can leave alone for a while, since if you download everything it comes to ~4.6 GB, which means you will have to eliminate some things in order to fit on a DVD; I use a USB device).  I have several SARDU images, 1 for DVD, and 2 for USB (larger).  

It's been a while since I used it on the server, but beware of using anything that runs without giving you options to choose what to quarantine/delete.  Also, I downloaded and created my own version of UBCD4Win (you can update all virus definitions and apps).  I then renamed it and put it in the SARDU ISO directory.  My suggestion for this is to let SARDU download a version of its own and then name your version the same and copy over SARDU's version.  If you choose the UBCD4Win option in your SARDU-created disk, try Vipre first; it runs well on server installations.

Whatever you do be sure you have a backup before doing anything.
0
 
LVL 30

Author Comment

by:LZ1
ID: 35148606
Sorry to be so ignorant tzucker, but is there a step by step tutorial for making one of these boot DVD/USB's?  

Also, how can I get the server to boot from a USB?
0
 
LVL 26

Expert Comment

by:Thomas Zucker-Scharff
ID: 35148714
I personally haven't booted from USB on my server, I use the DVD.  If you follow the article it should be fairly obvious how to make a bootable DVD/USB.

1. Download SARDU from http://www.sarducd.it/downloads.html
2. Click each button in the SARDU menu to download each image (ISO or IMG) - note there is at least 1 torrent you have to use a torrent client for and at least 1 zip you have to decompress
3. Once you have finished, check each box you want to include in the resulting ISO or bootable USB
4. Click the button to either create an ISO or USB
5. If you create an ISO, you will then need to burn it to a DVD (make sure the size is 4.4 GB or less)

Hope that helps!
0
 
LVL 8

Expert Comment

by:lancecurwensville
ID: 35149181
@tzucker:
I don't want to hijack a thread, but what is it about UBCD for Windows that is pirated?  I'll accept that it is without dispute, but I've never heard that it was.
0
 
LVL 26

Expert Comment

by:Thomas Zucker-Scharff
ID: 35149241
Not UBCD4Win, but the one that rhymes with sirens.  Some software on that CD must be legally licensed and is not.
0
 
LVL 8

Expert Comment

by:lancecurwensville
ID: 35149521
@tzucker:

thanks for clarification
0
 
LVL 30

Author Comment

by:LZ1
ID: 35150406
@tzucker: Do you have any recommendations for the software I should choose when burning to the ISO?  I did most of the anti-virus programs, but what about the utilities/Linux/Windows?
0
 
LVL 26

Accepted Solution

by:
Thomas Zucker-Scharff earned 500 total points
ID: 35150607
For burning the ISO try DeepBurner.  In terms of what to download note that UBCD in the utility section is NOT UBCD4Win, which is in the Windows section.  I would download UBCD4Win and any Windows recovery disks you might use in the Windows section.  Ubuntu in the Linux section, and pretty much everything in the utility section (they come in handy) - Note that Trinity Rescue Kit has a steep learning curve if you are not used to Linux.
0
