I am trying to help out a freind with a small business. He has two windows 2003 server (one domain controller and one member server). He has a couple of small offices use remote desktop into the member server at the main office. Remote desktop stopped working and he got a call from his ISP saying there was a huge amount of spam coiming from his internet connection. He didn't have any anti virus on the servers, so I had him buy the AVG server product and I installed malwarebytes. Both AVG and Malwarebytes found a bunch of viruses on the servers. It supposedly cleaned the servers, but he still had a problem with remote desktop connections. I booted both server into safe mode and scanned them with both products. Malwarebytes found a virus on each server and the AVG found nothing. Malwarebytes apparently removed it and once I rebooted back into normal windows mode, remote desktop started working again just fine...until about 10 minutes later, when the same problem started happening again. I am now back in safe mode doing scans again, but I need to find some heavy duty virus scanning products that will get rid of this. Any ideas???
I wanted to post the name of the virus Malwarebytes found, but the log didn't get saved so, I'll post back again once this current scan get's done (assuming it still finds the virus)