Solved

Help with autorun.inf virus on server 2003

Posted on 2014-10-14
3
206 Views
Last Modified: 2014-10-21
Has anyone clean this virus from there 2003 server. I need help with this. It looks like it is in a folder on the F drive. I have run C:\>attrib -r -h -s autorun.inf
on all drivers but comes back with file not found. It is there as it creates file on the server and also I can turn on view all hidden files. It is causing a lot of problems on my server. Please any help with this would be great. Thank you.
0
Comment
Question by:jodyreid
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 30

Expert Comment

by:Predrag
ID: 40380856
The simplest way for me is to start newer version on CCleaner - Portable.
Under tools you have startup -> Windows and Scheduled tasks - to see in there anything suspicious.
I like this way :) in some cases I can remove entries without restart.
But since Virus is active you can find it's starting location, and manually remove it in safe mode, and scanning with antivirus is recommended anyway (but you already know that).

Otherwise you can achive same thing -> control panel -> Administrative Tools
System configuration (cmd ->msconfig)
Task Scheduler (cmd ->taskschd.msc)
0
 
LVL 12

Accepted Solution

by:
jkaios earned 500 total points
ID: 40381169
- Obtain Autoruns utility from SysInternal/Microsoft
- Restart your server in Safe Mode
- run the Autoruns utility then examine and delete/disable all unnecessary startup programs/services
- Go to Control Panel and select Folder Options
- click the View tab
- click to select Show hidden files and folders
- uncheck Hide protected operating system files
- click Apply/OK
- now find all copies of "autoruns.inf" on ALL drives (not just the F: drive) and delete them
- restart your server in normal mode
0
 

Author Closing Comment

by:jodyreid
ID: 40395041
Thank you. For all your help with this
0

Featured Post

Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
Windows 8 comes with a dramatically different user interface known as Metro. Notably missing from the new interface is a Start button and Start Menu. Many users do not like it, much preferring the interface of earlier versions — Windows 7, Windows X…
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …

627 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question