Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

server 2003 and combofix


  • Please log in to reply
4 replies to this topic

#1 roses777

roses777

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:08:35 AM

Posted 08 March 2009 - 08:40 PM

Hi there,

I tried running combofix on a server 2003 machine, and I got a messsge that combofix does not run on a server (forget exact message).
Is this the case for Server2003? Should I be in safemode, on/off the network? Or is there anything else I have not considered?

Roses

BC AdBot (Login to Remove)

 


#2 Lloyd T

Lloyd T

  • Members
  • 853 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Canada
  • Local time:05:35 PM

Posted 08 March 2009 - 08:43 PM

ComboFix is a tool that should only be run under the supervision of someone who has been trained in its use. Using it on your own can cause problems with your computer.

#3 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:05:35 PM

Posted 08 March 2009 - 08:53 PM

What type of infection are you attempting to cure, what antivirus was running resident?
Chewy

No. Try not. Do... or do not. There is no try.

#4 roses777

roses777
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:08:35 AM

Posted 09 March 2009 - 09:40 PM

Hi DaChew,

The infection includes all the latest stuff: antivirus 2008,2009, rootkit, trojan dropper, w32.spybot.worm, etc
We are running Symantec Corporate 10.0.

I have successfully run ComboFix many times without this error message, this is the 1st time that I could not. I rename the combofix.exe file to another extension and change it back just before running it.

Normally I run ComboFix in SafeMode, but, for whatever reason, I could not get into safemode this time. To start with, I want confirmation that
1. ComboFix runs on a server2003 PC
2. ComboFix can run in either Safemode or Normal mode on a server2003 PC.

Thanks for your help, Roses

#5 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:05:35 PM

Posted 09 March 2009 - 10:21 PM

You would need to use other advanced tools that require training

Google is your friend, don't expect definite answers, combofix and other advanced tools are only taught and discussed in upper level training for security purposes

The server needs to be reloaded and properly secured

Virut is wiping out whole domains, that's why IT professionals use drive images, removing these newer infections requires advanced training and time which most don't have

Edited by DaChew, 09 March 2009 - 10:21 PM.

Chewy

No. Try not. Do... or do not. There is no try.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users