H2K Posted July 23, 2013 ID:706177 Share Posted July 23, 2013 Hi Guys My Server is infected with Malware / Trojan i have Escan License Antivirus installed on my Server but its not detecting it also i tried to run Malwarebytes but its also not detecting it. the malware effects on sql database and disconnects it and auto changes the sql username and password. Also its creates some faulty users in my AD and creates some weird files in C: drive and in Windows/system32 folder i send the screen shot of those files. The 1st Image is From C DRIVE see all 1kb files i tried to remove it manually but they again showed up and keep increasing with different names. And the 2nd image is from C:Windows/system32 . Please some one help me out and explain it to me that how can i remove that malware permanently. Thanks & Regards. Link to post Share on other sites More sharing options...
H2K Posted July 23, 2013 Author ID:706198 Share Posted July 23, 2013 Guys Also i forget to mention my Server firewall is Turned of and its not turning on i tried several ways but its still not working please help me in this also. Link to post Share on other sites More sharing options...
H2K Posted July 23, 2013 Author ID:706199 Share Posted July 23, 2013 Also i just Realize that i Post this thread in Wrong Section so i have request to Admin please Move this thread to Malware Support Section Please. Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted July 23, 2013 Root Admin ID:706202 Share Posted July 23, 2013 Hello H2K As this is a Server it really is probably best to simply do a restore from backups. If antivirus and Malwarebytes Anti-Malware are not able to deal with it then it will require additional tools that really are not well suited for Servers. Servers are a business product and as such should be getting good solid backups daily. Link to post Share on other sites More sharing options...
H2K Posted July 23, 2013 Author ID:706219 Share Posted July 23, 2013 Hello H2K As this is a Server it really is probably best to simply do a restore from backups. If antivirus and Malwarebytes Anti-Malware are not able to deal with it then it will require additional tools that really are not well suited for Servers. Servers are a business product and as such should be getting good solid backups daily. Dear AS, the problem is dont know that on which date this virus attacks on my server so i cant able to restore from back also any suggestion for the server firewall Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted July 23, 2013 Root Admin ID:706223 Share Posted July 23, 2013 You can post in the Malware Removal forum but I cannot promise that anyone will take on your request for help or not. As I said, most tools are not geared for Server and typically it would not matter too much when it was infected as the OS could be rebuilt and data restored from backup, very few infections affect user data. Post a new topic here and let them know your issue or link back to this post and we'll see if someone can assist you. http://forums.malwarebytes.org/index.php?showforum=7 Link to post Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now