Solved

Help with autorun.inf virus on server 2003

Posted on 2014-10-14
3
200 Views
Last Modified: 2014-10-21
Has anyone clean this virus from there 2003 server. I need help with this. It looks like it is in a folder on the F drive. I have run C:\>attrib -r -h -s autorun.inf
on all drivers but comes back with file not found. It is there as it creates file on the server and also I can turn on view all hidden files. It is causing a lot of problems on my server. Please any help with this would be great. Thank you.
0
Comment
Question by:jodyreid
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 29

Expert Comment

by:Predrag Jovic
ID: 40380856
The simplest way for me is to start newer version on CCleaner - Portable.
Under tools you have startup -> Windows and Scheduled tasks - to see in there anything suspicious.
I like this way :) in some cases I can remove entries without restart.
But since Virus is active you can find it's starting location, and manually remove it in safe mode, and scanning with antivirus is recommended anyway (but you already know that).

Otherwise you can achive same thing -> control panel -> Administrative Tools
System configuration (cmd ->msconfig)
Task Scheduler (cmd ->taskschd.msc)
0
 
LVL 12

Accepted Solution

by:
jkaios earned 500 total points
ID: 40381169
- Obtain Autoruns utility from SysInternal/Microsoft
- Restart your server in Safe Mode
- run the Autoruns utility then examine and delete/disable all unnecessary startup programs/services
- Go to Control Panel and select Folder Options
- click the View tab
- click to select Show hidden files and folders
- uncheck Hide protected operating system files
- click Apply/OK
- now find all copies of "autoruns.inf" on ALL drives (not just the F: drive) and delete them
- restart your server in normal mode
0
 

Author Closing Comment

by:jodyreid
ID: 40395041
Thank you. For all your help with this
0

Featured Post

Resolve Critical IT Incidents Fast

If your data, services or processes become compromised, your organization can suffer damage in just minutes and how fast you communicate during a major IT incident is everything. Learn how to immediately identify incidents & best practices to resolve them quickly and effectively.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
What is this Task? 4 182
Server configuration for MS Access - SQL Server app 17 109
how to export this list 4 109
Preventive Maintenance for ISSR 4331 Router 7 50
SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
It’s been over a month into 2017, and there is already a sophisticated Gmail phishing email making it rounds. New techniques and tactics, have given hackers a way to authentically impersonate your contacts.How it Works The attack works by targeti…
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question