Tuesday, January 20, 2009

Malware on Windows 2003

One of our development servers was infected by a few nasty pieces of trojan spyware a couple of weeks ago. The malware went totally unnoticed by ESET NOD32. After installing several spyware protection tools that couldn't fully remove the malware, we gave up on that server and rebuilt it. The trojans were actually detected by these programs (see the list below) and removed, but came right back. Since it was on Windows Server 2003, most PC software couldn't be installed. The following are the ones that were successfully installed and did detect the malware:

- SpyBot Search & Destroy. This one did detect the malware and removed the infections, but couldn't remove the root cause, so the malware was right back.

- Malwarebytes. Same as SpyBot, except it doesn't have resident protection. So you can only run it.

- Spyware sweeper. This one was installed towards the end of the life of that server.

After fighting the trojans for days, the damage was too great to keep the server running. So now we're trying to figure out how to back up the data without getting the trojans backed up.
