Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

!!!Virus Attack on windows 2000 Advanced Server!!!


  • This topic is locked This topic is locked
3 replies to this topic

#1 Mike@vti

Mike@vti

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:12:35 PM

Posted 10 November 2010 - 07:38 PM

I spent the last four days on this and think I had it resolved, however I was having no luck in starting up MSI, or installing updates, or updating my Mcafee or even connecting to the internet. I had run these files last night in hopes some one could help me. I couldn't see anything that would cause me all these headaches. Alas I went to sleep last night and woke up with this computer rebooted and now looks like a virus has attacked again ... sigh... any help please would be awesome...

I am re-running the tools (SIGH) as it looks like I have a new infection, and will post that new file too.


With Grace,


Mike


Attached File  DDS.txt   8.48KB   2 downloads

Hi anyone able to help me out with this... I can't seem to keep the virus out from the machine, I've updated the software to win 2k service pack4 with some other hot updates as well... I'm not sure why i can't stop it from doing an attack on

c:\winnt\system32\services.exe:kernel32.loadlibrarya
BO:writable bo:stack
blocked by buffer overflow protection

errors... most of this i think is due to some kind of infection of the mfehidk.sys file, and I've tried to update the mcafee software, cant seem to update it completely. No Idea why.

Regards,


Mike

EDIT: Posts merged ~BP

Edited by Budapest, 17 November 2010 - 10:12 PM.


BC AdBot (Login to Remove)

 


#2 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:07:35 PM

Posted 18 November 2010 - 08:12 PM

Hi,

Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.
  • Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Options box to the right of your topic title and selecting Track This Topic.

  • Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

  • Please reply to this post so I know you are there.
The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.

Once I receive a reply then I will return with your first instructions.

Thanks :thumbup2:
Posted Image
m0le is a proud member of UNITE

#3 Mike@vti

Mike@vti
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:12:35 PM

Posted 19 November 2010 - 07:02 AM

Hello,

Ok, I've solved this issue, and I would like to post the procedure on how to install legacy products from Microsoft and/or repair due to virus (conficker!mem) and others. This includes windows 2000 pro, windows 2000 server, windows XP. The issue that occurs for the virus attack begins as soon as a person connects to the internet to download the service packs from Microsoft. So these items need to be installed prior to any internet connection to retrieve the other updates.

*****Please burn these either to a CD-ROM or save onto a "ram disk" stick.*****

1. If already have a system running that has infection Please use the MICROSOFT MALICIOUS SOFTWARE REMOVAL TOOL located at

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=ad724ae0-e72d-4f54-9ab3-75b8eb148356&displaylang=en


2. Please use MalwareBytes and (what you recommend) for malware.


3. Go to:

http://www.microsoft.com/downloads/en/details.aspx?FamilyId=B54730CF-8850-4531-B52B-BF28B324C662&displaylang=en for windows 2000

http://support.microsoft.com/kb/322389 for windows XP (please NOTE that service pack 3 requires sp 1a or 2 to be installed first so this will require 2 downloads for the package.

*****Please get the full package download and not the "internet download" package.*****


4. Go to and choose the correct product from the list for this severe HIGH Priority Security UPDATE:

http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx


5. Install Microsoft windows Product.


6. Install the service packs and the security update.


7. (can skip if already installed) Install Anti-virus software. (please link one I like www.F-Protect.com) inexpensive and good for all systems.


8. Connect to internet and update virus software.


9. Connect to internet and update windows product.


10. Pat on the Back!!!



In Grace,



Michael

Edited by Mike@vti, 19 November 2010 - 07:23 AM.


#4 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:07:35 PM

Posted 19 November 2010 - 06:00 PM

Thanks for the solution, Mike.

-----------------------------------

This topic has been closed.

If you're the topic starter, and need this topic reopened, please contact me via pm with the address of the thread.

Everyone else please begin a New Topic.
Posted Image
m0le is a proud member of UNITE




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users