[Drjones]

I have a new client with a Windows 2000 PC they're using as a server.

It's caught a nasty virus that turns all your folders & files into applications - .exe

I've ran MalWareBytes, Microsofts Malicious Removal Tool, running ClamWin now...

I ran the "New Folder Removal" tool which seemed to fix it - for about 30 min.

The problem is that not only have none of the other tools found any infections but many tools I'm trying such as HitMan, ComboFix, etc. are not compatible with Win2K!!

What do I do?

My next step is going to be booting to a few different rescue CD's like BitDefender & Kaspersky. I was going to do that when I was on-site but all my bootable discs are DVDs, and of course this machine is so ancient it has a CD-ROM.

Help!

[TK-421]

Is Microsoft Security Essentials compatible with 2000?

[Drjones]

Quote:

Originally Posted by TK-421

Is Microsoft Security Essentials compatible with 2000?

I believe so, yes.

[TK-421]

I'd give that a shot, I've had great success with Microsoft Security Essentials. It's pretty good at picking up the stuff that other programs don't detect.

[Drjones]

Quote:

Originally Posted by TK-421

I'd give that a shot, I've had great success with Microsoft Security Essentials. It's pretty good at picking up the stuff that other programs don't detect.

....aaaand it's not compatible with Win2K.....

[1337-G]

Lol time to fire that client.

[TK-421]

Quote:

Originally Posted by Drjones

....aaaand it's not compatible with Win2K.....

Sounds like it's time to upgrade to a modern version of Windows.

[Drjones]

Ok, I'm not going to hold my breath, but I *think* I may have gotten it....if not, I'm going to backup all the data tomorrow, put it on a different CLEAN PC, and get them upgraded to a NAS.

It's a real disaster over there; virtually all software is totally out of date, not a single computer running antivirus software...

[TK-421]

Quote:

Originally Posted by Drjones

Ok, I'm not going to hold my breath, but I *think* I may have gotten it....if not, I'm going to backup all the data tomorrow, put it on a different CLEAN PC, and get them upgraded to a NAS.

It's a real disaster over there; virtually all software is totally out of date, not a single computer running antivirus software...

I have just the thing to make you feel better.

http://www.rinkworks.com/stupid/cs_abuse.shtml

[sbhaven]

Combofix is the last resort option that works great at cleaning nasty infections that other tools cannot clean. Sadly they no longer support Windows 2000.

[GIockGuy24]

Live CD's.

http://www.majorgeeks.com/Avira_Anti...tem_d6005.html

Avira is the easiest to use and works very well.

http://www.majorgeeks.com/Kaspersky_...isk_d6501.html

http://www.majorgeeks.com/Dr._Web_LiveCD_d6817.html

Dr. web is one of the best and combines different antivirus engines.

http://www.majorgeeks.com/F-Secure_Rescue_CD_d6628.html

I run F-Secure and Bitdefender in Linux on an external USB hard drive and F-Secure scans Windows well.

http://www.majorgeeks.com/Zillya_LiveCD_d7384.html

I haven't used the Zilla! live CD but it might be worth trying.

I Haven't used the Bitdefender Live CD in a long time but it looks like it might still be available.

Direct download.

http://download.bitdefender.com/resc...-rescue-cd.iso


http://bitdefender-rescue-cd.en.softonic.com/


Previous version.


http://forum.bitdefender.com/index.php?showtopic=36646


http://www.howtogeek.com/howto/36677...r-infected-pc/

Many live CD scanners.

http://www.askvg.com/download-free-b...re-and-others/


http://live.vipreantivirus.com/

Thank you for downloading Panda SafeCD from CNET Download.com

Thank you for downloading Panda SafeCD from CNET Download.com

Direct download.

http://download.cnet.com/3001-2239_4-10967336.html


http://www.avg.com/us-en/avg-rescue-cd-download


Bitdefender internet scanner.

http://www.bitdefender.com/scanner/online/free.html

Some tools that may run in Windows 2000.

http://www.majorgeeks.com/RKill_d6848.html

http://www.majorgeeks.com/F-Secure_E...ean_d7729.html

http://www.majorgeeks.com/Kaspersky_...ool_d4515.html

http://www.majorgeeks.com/Sophos_Vir...ool_d7714.html

http://www.majorgeeks.com/Trend_Micr...ner_d6319.html

.

[Drjones]

Wow, THANKS for all those links! Downloading much of that now....

[DoubleWide]

It's called a restore. Also tell your client that they should stop using an OS that Microsoft stopped supporting about 2 years ago.

[srhoades]

That sounds more like a worm that a virus. Maybe this will help?

http://forum.precisesecurity.com/com...pplication-exe

[Drjones]

Man, what a mess. The "host" pc that infected the network wouldn't run the Kaspersky bootable rescue disk I brought. I tried BitDefender bootable rescue, and that kept giving me cryptic errors.

Finally pulled the drive, scanned with Malwarebytes AND AVG, MBAM removed 6 bugs.

Popped the drive back in.....and......still infected.

I'm done with that, the machine is an old, home-built POS that's long overdue for replacement anyway and the client is fine with that.

After those issues, I was discouraged & stopped the DrWeb scan on the server (bootable disk also). I'm going to see how to get the program to run off a workstation until we can get a new solution. That Win2k server is another big disaster waiting to happen.

[Drjones]

So the database program they use is in Visual FoxPro....can we just put the files onto a NAS & run from there, or does something actually have to get installed onto a server?

I'm trying to get in touch with the man who set this up in the first place to get help.