Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows Server 2003 and win32/parite.b Virus


  • Please log in to reply
2 replies to this topic

#1 jakes99

jakes99

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:05:57 AM

Posted 31 October 2011 - 09:18 PM

We have a server the has the win32/parite.b virus, Eset 4.0 found it. We booted into Safe Mode and ran Malewarebytes. Malewarebytes foud over 200 infected files with the win32/parite.b virus. We let Malewarebytes clean these files. We rebooted into Safe Mode and ran Malewarebytes and it Found 1 infected file with the win32/parite.b virus. We allowed Malewarebytes to clean it as well. now Everytime we boot into Safe mode it finds one instance of the Virus. It never completely removes the virus. We then boot into Normal Mode and ran Microsoft Malicious Software Removal Tool. We stopped the scan when it reached over 3000 infections (we did not let Malicious Software Removal Tool clean the files because they were System Executibles). What do we need to do to clean Win32/Parite.b from Windows Server 2003 Standard.

Edited by hamluis, 02 November 2011 - 03:35 PM.
Moved from Windows NT to Am I Infected.


BC AdBot (Login to Remove)

 


#2 chromebuster

chromebuster

  • Members
  • 899 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:the crazy city of Boston, In the North East reaches of New England
  • Local time:06:57 AM

Posted 02 November 2011 - 10:04 PM

Shoot. I wish I could be of more use. I would say that you should go for GFI's Vipre rescue and run that in safe mode. It does a good job of cleaning these nasties. You'll have to yank the Cat 5 cable from the server though because you don't want it transmitting anything to the other workstations to which the server is connected. What function or combination thereof does the server perform? I only ask because then we can figure out steps to ensure that this doesn't happen to you folks again.

The AccessCop Network is just me and my crew. 

Some call me The Queen of Cambridge


#3 jakes99

jakes99
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:05:57 AM

Posted 03 November 2011 - 06:37 AM

It is our One and only Production Server. I ended up getting Microsoft involved and they have me running W.O.L.F. and their Microsoft Safety Scanner. On the first run we had over 5300 infections - basically every .exe file on the server. Ran the Repair operation and everything booted fine. Right now i am in the middle of the second scan.

Thank you for the reply.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users