Help with autorun.inf virus on server 2003

Has anyone clean this virus from there 2003 server. I need help with this. It looks like it is in a folder on the F drive. I have run C:\>attrib -r -h -s autorun.inf
on all drivers but comes back with file not found. It is there as it creates file on the server and also I can turn on view all hidden files. It is causing a lot of problems on my server. Please any help with this would be great. Thank you.
jodyreidIT ManagerAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
jkaiosConnect With a Mentor IT DirectorCommented:
- Obtain Autoruns utility from SysInternal/Microsoft
- Restart your server in Safe Mode
- run the Autoruns utility then examine and delete/disable all unnecessary startup programs/services
- Go to Control Panel and select Folder Options
- click the View tab
- click to select Show hidden files and folders
- uncheck Hide protected operating system files
- click Apply/OK
- now find all copies of "autoruns.inf" on ALL drives (not just the F: drive) and delete them
- restart your server in normal mode
0
 
Predrag JovicNetwork EngineerCommented:
The simplest way for me is to start newer version on CCleaner - Portable.
Under tools you have startup -> Windows and Scheduled tasks - to see in there anything suspicious.
I like this way :) in some cases I can remove entries without restart.
But since Virus is active you can find it's starting location, and manually remove it in safe mode, and scanning with antivirus is recommended anyway (but you already know that).

Otherwise you can achive same thing -> control panel -> Administrative Tools
System configuration (cmd ->msconfig)
Task Scheduler (cmd ->taskschd.msc)
0
 
jodyreidIT ManagerAuthor Commented:
Thank you. For all your help with this
0
All Courses

From novice to tech pro — start learning today.