Windows virus

40 pts.
Tags:
Antivirus
Kaspersky
Windows Server 2003
I have problem with my server work with windows 2003 when I log to server I found the date return to 2004 and kasparsky anti virus is disable and when try to open it or open msconfig or regedit I have message (Another program is currently using this file )

Answer Wiki

Thanks. We'll let you know when a new response is added.

I would recommend going to <a href=”http://housecall.trendmicro.com”>housecall.trendmicro.com</a> and get a free scan of your machine to see if it can fix the server.

**********************************************************************
This <a href=”http://forums.majorgeeks.com/showthread.php?t=38752″>site </a> Has instructions that should remove most virus problems. <b><i>FOLLOW THE INSTRUCTIONS </i></b>, these people are great at solving virus issues, but you need to do exactly as they instruct!
Good Luck!
-Flame
******************************************

Personally, I would stay away from trendmicro. I have had several clients use trendmicro and 7/10 times, the scan caught nothing when AVG, Kaspersky, and Spybot S&D, and Nod32 all found several threats.

Try this scanner:

<a href=”http://www.eset.com/onlinescan/”>Eset</a>

I have heard of your problem before and to have anything work, you will have to find the actual location of the executable files you want to run and right click. Then select Run As… or Run as Administrator. Run these programs as administrator.

Hope this helps!

-Schmidtw

==================
Gotta be careful running as administrator as that is when the most damage is likely to be done. One of the best recovery methods is to boot into safe mode or scan with another boot disk rather than running from the infected client. You can often see what processes are running logged in as the user and then booting into safe mode possibly rename the DLL’s or executables so they do not get started on restart. It may take a lot of iterations to get fully clean. If you are finding it is taking 4+ hours to get clean, you might be better off booting with some other boot disk where you can get access to any data files, copying them off and then performing a fresh install. It is difficult to know how compromised a system is once it has been infected.

————————————–

I would also recommend running a scan with <a href=”http://onecare.live.com/site/en-us/default.htm”>Microsoft Live OneCare</a>, and <a href=”http://www.pandasecurity.com/activescan/index/?track=1&Lang=en-US&IdPais=63″>Panda ActiveScan</a>

Discuss This Question: 1  Reply

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Gent01
    If you can shut the server down I would recomend something like this.
    1,870 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following