• Plesk Uservoice will be deprecated by October. Moving forward, all product feature requests and improvement suggestions will be managed through our new platform Plesk Productboard.
    To continue sharing your ideas and feedback, please visit features.plesk.com

Server system files infected with trojans unable to remove using drwebcureit.exe

S

samia

Guest
Dear Members,

Hi,

My server OS windows 2003 standard with plesk 7.5.6 is get infected with few trojans. Now it daily stops ftp service on server or MSSQL service also i am facing permissions change issue on this machine due to viruses i used to kill different processes which seems to me run by virus then services works.
Detail of trojans with infection is:

C:\Windows\system32\aproman.exe infected with W32\Internet-Trojan-patched-based!Maximus

test.exe> scard C:\Windows\system32\dhcp "backdoor" program

test.exe> trkupd C:\Windows\system32\dhcp W32\Hackdef.DU

test.exe>dmdll C:\Windows\system32\dhcp W32\Radmindropper

test.exe> msinls C:\Windows\system32\dhcp W32\Ucri.A@bd

Msfw.exe C:\Windows\system32\ W32\Backdoor-based

pskill.exe C:\Windows\system32\ W32\Backdoor-based

rmico.exe C:\Windows\system32\ W32\Backdoor-based
svcinst.exe C:\Windows\system32\ W32\Backdoor-based

I tried to remove these trojans by trying different utility like using cureit.exe it does not detect any of above trojans. F-prot detects the trojan but not removes these.
Would you please suggest me how i can get rid of these trojans or i should just get this machine reloaded.



Samia
 
Back
Top