Posted 08 June 2011 - 05:54 PM
I am running Windows 2003 Server and one of my users has downloaded this malware, which gives a screen titled PC Performance & Stability Analysis Report. It has hidden icons, programs, shared folders and is generally making a nuisance.
I have reviewed task manager and found the programs when they are running and manually removed the files twice, but now they are no longer showing in task manager, but are still affecting my server.
I tried to run a scan of the server with Symantec corporate antivirus, but it stalls at a certain point and will not delete or quarantine it.
I have contacted my IT tech and he thinks that I have a rootkit virus and that I need to download ComboFix and run it. But on the ComboFix guide it says that it doesn't work on Windows 2003.
Any help would be much appreciated.