Virus Scanner Help
Hey everyone, here at work our main T1 server is running Windows 2000 Server Edition. I am trying to find virus scanner software that runs on this. But unfortunately looking at Norton, and McAfee's sites, neither of their virus scanners support 2000 Server.
I tried for the heck of it to install Norton anyway, and it gave me the error something like " this software only runs on workstation versions, it doesn not run on server versions" or something like that.
So there HAS to be a virus scanner that runs on Windows 2000 Server, right? Anyone have any ideas?
I tried for the heck of it to install Norton anyway, and it gave me the error something like " this software only runs on workstation versions, it doesn not run on server versions" or something like that.
So there HAS to be a virus scanner that runs on Windows 2000 Server, right? Anyone have any ideas?
0
Comments
Bottom line though is if it's a server you'll have to pay for it. AVG will probably be the cheapest sollution for you. Plus man what the hell you are running a T1 connected server without virus protection dear lord I believe I have a rant sitting around just waiting for you.
Seriously pay the bucks and put good anti-virus protection on it. That or give us the ip and passwords so we can put it to use without having to do all the ground work. Please tell me it's at least behind a firewall.
I am not the idiot here. My company is stationed out of a 3 story soundstage on a production lot. We have never had an IT guy at all, although at one point before we layed his slack ass off, we had an engineer.
I am the creative director here, far from being anything close to an IT or network guy. Unfortunately my boss assumes since I work on computers, that I obviously must understand networks and servers (which I have no clue about). And even after countless explanations of how it is way out of my league and I don't know the first thing about mail servers, servers, backup, virus protection for a company server etc, he still insists I need to take care of things.
So I took a nice little walk up into our server room last week because our internet was down, and saw the most horrendous site. Our "server" which is locked in its own room upstairs, was obviously the designated porn computer for a crack ass employee.
It seems the entire computer is overrun with porn, viruses and misc programs, that neither Adaware or Hijack this can remove. Actually they remove them (over 1200 things on adaware first run), but they just come right back.
So now I'm trying to figure out how to get a virus scanner on there to try and fry the shit. Whoever installed and set the damn thing up, our ex-engineer, obviously had no clue what the fuck he was doing. Granted there IS a hardware firewall installed and connected, but apparently that isn't doing much.
Anyway just didn't want you to think that "I" was stupid enough to install a T1 server with no protection or virus scanner. Even I know that much. I'm unfortunately just stuck cleaning up other people's messes right now and trying to figure out how to do it.
If anyone here is an expert in cleaning this shit up, or reformatting and reconfiguring a T1 server and live in the Orlando area, I'd be glad to pay for your work.
Errr, onto more important matters, you have a few options:
You're in a real predicament and it's really unfortunate... 1200 spyware...
Probably the best route would be to wipe-out your server and perform a reinstall... assuming you still have the Win2k server CD. Expensive software is prone to "dissapearing" whenever employees leave. It's easy to do, but not enough info is given about your network... such as, how many computers are connected and if your server is a domain controller, data that needs to be back up, etc.
Otherwise you'll be looking at doing some in-depth virus / spyware removal, which can be a real pain.
Another option is to hire someone to clean up your mess, like what you're offering. I'd reccomend checking the phone books and stuff for some respectable shop that will send a tech out to clean up your server.
I can give you some spyware removal tips if you want to go that route.
As for your predicament, obviously the best situation would be to wipe out and re-install. However if you don't know what you are doing that can be quite the tedius route especailly if your this server is also acting as the domain server and the mail server and the web server etc.... Backing up the data on it is one part of the equation but the other is you have to set the computer back up exactly the same as it's currently running because if you don't you then need to reconfigure all the computers hooked up to it. Not to mention you need to assign everything correctly when it comes to getting the mail server back on line. It's tricky to say the least.
With that all that in mind clean up is probably your best sollution.
First things first if you haven't go through and delete all the porn and other crap software on there that you don't need. Use add/remove to get rid of any non-essential programs that are installed. Then if you are comfortable go through the 'program files' directory and look for any directories that don't look like they belong and delete them. If you are unsure about them you can also rename them to something else reboot the server and see if there are any problems.
Next again if you are feeling comfortable look at all the services that are running and kill anything that shouldn't be there.
Both of those should fix and glarring issues.
After that if you haven't already run ad-aware on it (make sure you update it) and spy bot seek and destroy. Those should get rid of 90% of the adware on there if not all of it. You may have to run both of them a few times after a couple reboots to get rid of as much as possible.
Next virus removal. If you don't have anti-virus software check into Norton Anti-Virus Corporate edition it'll cost you around $2000 give or take but it works and will roll out to all your desktops as well (It's what I run at work and it works very well). The other option I'd recomend is looking at AVG's anti-virus software. They have a corporate version that you have to pay for (not sure exactly how much but it's way less then Norton). They also have a free version that works very well it's what I use at home. I don't know if the free version works on Win2k server as I've never tried it or check to see if it does or not.
If it doesn't and you need to wait for some money to be spent there are online virus scanners that you can use that should scan your server. They won't remove the viruses but they should tell you what viruses you have.
So go to http://securityresponse.symantec.com/ and scroll about half way down the page on the right there is a link for checking your security risks. It'll run the scan and tell you what you have, assuming that is a virus hasn't dissabled it's ability to do so. Once you know what viruses you have go back to that page and download all the appropriate removal tools and start running them.
Hopefully if all goes well that'll fix up your problems once that's done do the virus scan again and see what's what.
If none of these are working then you are in a bit of a pickle. You should still be able to get to symantec's site and download the remove tools I'd recommend getting the ones for Netsky, Sasser, Korgo, Blast, MyDoom, and Sobig for sure as they are the most common and most problematic at the momment.
After all that you'll also probably want to get and run Hijackthis. It'll post all the crap that's currently running so you can go through that log and get rid of stuff that shouldn't be there. It shows everything that is running good or bad though so you need to know what you are looking for. If you are unsure paste the log on here and we can tell you which ones to get rid of.
After all that is done make sure that you have all the patches and security fixes installed from microsofts update site. Normally I'd recomend you do this first. But if your machine is really screwed up it's better to do it after the fact otherwise it could just get screwed up again from any active viruses.
Hopefully this helps and gets you on the right track. If you need any more detailed info on how to do any of this shit ask.
Oh one other thing (though not minor) this should also be done on any desktops that don't have anti-virus software running on them since they are most likely all infected also. One thing with them though is you will be able to run the free version of AVG on them.