Solved

Help with autorun.inf virus on server 2003

Posted on 2014-10-14
3
193 Views
Last Modified: 2014-10-21
Has anyone clean this virus from there 2003 server. I need help with this. It looks like it is in a folder on the F drive. I have run C:\>attrib -r -h -s autorun.inf
on all drivers but comes back with file not found. It is there as it creates file on the server and also I can turn on view all hidden files. It is causing a lot of problems on my server. Please any help with this would be great. Thank you.
0
Comment
Question by:jodyreid
3 Comments
 
LVL 28

Expert Comment

by:Predrag Jovic
ID: 40380856
The simplest way for me is to start newer version on CCleaner - Portable.
Under tools you have startup -> Windows and Scheduled tasks - to see in there anything suspicious.
I like this way :) in some cases I can remove entries without restart.
But since Virus is active you can find it's starting location, and manually remove it in safe mode, and scanning with antivirus is recommended anyway (but you already know that).

Otherwise you can achive same thing -> control panel -> Administrative Tools
System configuration (cmd ->msconfig)
Task Scheduler (cmd ->taskschd.msc)
0
 
LVL 12

Accepted Solution

by:
jkaios earned 500 total points
ID: 40381169
- Obtain Autoruns utility from SysInternal/Microsoft
- Restart your server in Safe Mode
- run the Autoruns utility then examine and delete/disable all unnecessary startup programs/services
- Go to Control Panel and select Folder Options
- click the View tab
- click to select Show hidden files and folders
- uncheck Hide protected operating system files
- click Apply/OK
- now find all copies of "autoruns.inf" on ALL drives (not just the F: drive) and delete them
- restart your server in normal mode
0
 

Author Closing Comment

by:jodyreid
ID: 40395041
Thank you. For all your help with this
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ransomware continues to be a growing problem for both personal and business users alike and Antivirus companies are still struggling to find a reliable way to protect you from this dangerous threat.
One of the biggest threats facing all high-value targets are APT's.  These threats include sophisticated tactics that "often starts with mapping human organization and collecting intelligence on employees, who are nowadays a weaker link than network…
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question