Jump to content

Recommended Posts

Hi Guys My Server is infected with Malware / Trojan i have Escan License Antivirus installed on my Server but its not detecting it also i tried to run Malwarebytes but its also not detecting it. the malware effects on sql database and disconnects it and auto changes the sql username and password.

 

Also its creates some faulty users in my AD and creates some weird files in C: drive and in Windows/system32 folder i send the screen shot of those files.

 

The 1st Image is From C DRIVE see all 1kb files i tried to remove it manually but they again showed up and keep increasing with different names.

 

And the 2nd image is from C:Windows/system32 .

 

Please some one help me out and explain it to me that how can i remove that malware permanently.

 

Thanks & Regards.

 

 

post-143124-0-62638300-1374561569_thumb.

post-143124-0-67622700-1374561586_thumb.

Link to post
Share on other sites

  • Root Admin

Hello H2K

 

As this is a Server it really is probably best to simply do a restore from backups.  If antivirus and Malwarebytes Anti-Malware are not able to deal with it then it will require additional tools that really are not well suited for Servers.  Servers are a business product and as such should be getting good solid backups daily.

Link to post
Share on other sites

Hello H2K

 

As this is a Server it really is probably best to simply do a restore from backups.  If antivirus and Malwarebytes Anti-Malware are not able to deal with it then it will require additional tools that really are not well suited for Servers.  Servers are a business product and as such should be getting good solid backups daily.

 

Dear AS,

               the problem is dont know that on which date this virus attacks on my server so i cant able to restore from back also any suggestion for the server firewall

Link to post
Share on other sites

  • Root Admin

You can post in the Malware Removal forum but I cannot promise that anyone will take on your request for help or not.  As I said, most tools are not geared for Server and typically it would not matter too much when it was infected as the OS could be rebuilt and data restored from backup, very few infections affect user data.

 

Post a new topic here and let them know your issue or link back to this post and we'll see if someone can assist you.

 

http://forums.malwarebytes.org/index.php?showforum=7

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.