Solved

Help with autorun.inf virus on server 2003

Posted on 2014-10-14
3
191 Views
Last Modified: 2014-10-21
Has anyone clean this virus from there 2003 server. I need help with this. It looks like it is in a folder on the F drive. I have run C:\>attrib -r -h -s autorun.inf
on all drivers but comes back with file not found. It is there as it creates file on the server and also I can turn on view all hidden files. It is causing a lot of problems on my server. Please any help with this would be great. Thank you.
0
Comment
Question by:jodyreid
3 Comments
 
LVL 27

Expert Comment

by:Predrag Jovic
ID: 40380856
The simplest way for me is to start newer version on CCleaner - Portable.
Under tools you have startup -> Windows and Scheduled tasks - to see in there anything suspicious.
I like this way :) in some cases I can remove entries without restart.
But since Virus is active you can find it's starting location, and manually remove it in safe mode, and scanning with antivirus is recommended anyway (but you already know that).

Otherwise you can achive same thing -> control panel -> Administrative Tools
System configuration (cmd ->msconfig)
Task Scheduler (cmd ->taskschd.msc)
0
 
LVL 12

Accepted Solution

by:
jkaios earned 500 total points
ID: 40381169
- Obtain Autoruns utility from SysInternal/Microsoft
- Restart your server in Safe Mode
- run the Autoruns utility then examine and delete/disable all unnecessary startup programs/services
- Go to Control Panel and select Folder Options
- click the View tab
- click to select Show hidden files and folders
- uncheck Hide protected operating system files
- click Apply/OK
- now find all copies of "autoruns.inf" on ALL drives (not just the F: drive) and delete them
- restart your server in normal mode
0
 

Author Closing Comment

by:jodyreid
ID: 40395041
Thank you. For all your help with this
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A brand new malware strain was recently discovered by security researchers at Palo Alto Networks dubbed “AceDeceiver.” This new strain of iOS malware can successfully infect non-jailbroken devices and jailbroken devices alike.
It’s been over a month into 2017, and there is already a sophisticated Gmail phishing email making it rounds. New techniques and tactics, have given hackers a way to authentically impersonate your contacts.How it Works The attack works by targeti…
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question