MezzutOzil
asked on
Few servers were found infected by the same virus, how to solve?
These are using a few MS Windows 2003 R2 servers. Recently, found that these servers were full of some strange files and folders. Files, such as, sexy.exe, secret.exe, passwords.exe, etc. Folders, are those ended with .exe, and 220 KB in size.
The server is installed with Symantec Endpoint Protection 12. What virus is this, and how to dis-infect and get rid of it, once for all.
Thanks in advance.
The server is installed with Symantec Endpoint Protection 12. What virus is this, and how to dis-infect and get rid of it, once for all.
Thanks in advance.
I would verify no system files have been altered.
Go to start and type SFC /scannow and hit enter
This checks system files. If it finds a system file that's been modified, it will ask you to insert the Windows CD. If you don't have it, you should be able to click IGNORE and continue.
Go to start and type SFC /scannow and hit enter
This checks system files. If it finds a system file that's been modified, it will ask you to insert the Windows CD. If you don't have it, you should be able to click IGNORE and continue.
ASKER CERTIFIED SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
ASKER
Issue solved as last. Thank you very much.
Malware
"to get rid of it"
Run these malware cleaners in safe mode.
1. Rogue Killer http://www.bleepingcomputer.com/download/roguekiller/
2. Combo Fix http://www.bleepingcomputer.com/download/search/?keyword=combofix
3. Hitman Pro http://www.surfright.nl/en/hitmanpro/
4. TDS Killer http://www.bleepingcomputer.com/download/tdsskiller/
5. Malwarebytes http://www.malwarebytes.org/
6. SuperAntiSpyware www.superantispyware.com
http://freebies.about.com/od/computerfreebies/tp/best-free-antivirus.htm