Hi Guys, I have a terminal server running win 2003 server sp1. It has been hit by the sality virus and ive tried cleaning it with McAfee VSE8.5i with latest update but to no help. Unfortunately the server is on a highly secure intranet with no internet access allowed!! Any ideas on how i can resolve this? Thanks in advance. -- Muite Nicholas G mobile:+267 72900342 office:+267 3952511 email:nmuite@googlemail.com,
Trash McAfee and buy another antivirus. that will end the fire fighting. On Thu, Nov 25, 2010 at 5:33 PM, muite nicholas <nmuite@googlemail.com>wrote:
Hi Guys,
I have a terminal server running win 2003 server sp1. It has been hit by the sality virus and ive tried cleaning it with McAfee VSE8.5i with latest update but to no help.
Unfortunately the server is on a highly secure intranet with no internet access allowed!! Any ideas on how i can resolve this?
Thanks in advance.
-- Muite Nicholas G mobile:+267 72900342 office:+267 3952511 email:nmuite@googlemail.com <email%3Anmuite@googlemail.com>, _______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
Sorry..and install service pack 2 on the server On Thu, Nov 25, 2010 at 5:36 PM, Simon Wainaina <swainaina@gmail.com> wrote:
Trash McAfee and buy another antivirus. that will end the fire fighting.
On Thu, Nov 25, 2010 at 5:33 PM, muite nicholas <nmuite@googlemail.com>wrote:
Hi Guys,
I have a terminal server running win 2003 server sp1. It has been hit by the sality virus and ive tried cleaning it with McAfee VSE8.5i with latest update but to no help.
Unfortunately the server is on a highly secure intranet with no internet access allowed!! Any ideas on how i can resolve this?
Thanks in advance.
-- Muite Nicholas G mobile:+267 72900342 office:+267 3952511 email:nmuite@googlemail.com <email%3Anmuite@googlemail.com>, _______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
the problem is that all the best anti viruses require internet connection for installation and update. McAfee you can download the DAT files and update without having to connect the server itself to the net. On 11/25/10, Simon Wainaina <swainaina@gmail.com> wrote:
Trash McAfee and buy another antivirus. that will end the fire fighting.
On Thu, Nov 25, 2010 at 5:33 PM, muite nicholas <nmuite@googlemail.com>wrote:
Hi Guys,
I have a terminal server running win 2003 server sp1. It has been hit by the sality virus and ive tried cleaning it with McAfee VSE8.5i with latest update but to no help.
Unfortunately the server is on a highly secure intranet with no internet access allowed!! Any ideas on how i can resolve this?
Thanks in advance.
-- Muite Nicholas G mobile:+267 72900342 office:+267 3952511 email:nmuite@googlemail.com <email%3Anmuite@googlemail.com>, _______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Muite Nicholas G mobile:+267 72900342 office:+267 3952511 email:nmuite@googlemail.com,
My friend..you only need to point the updates to a folder in a local machine that has internet, then on the workstation that requires the update, you point in to the machine that has the updates or copy to usb...SIMPLE On Fri, Nov 26, 2010 at 10:50 AM, muite nicholas <nmuite@googlemail.com>wrote:
the problem is that all the best anti viruses require internet connection for installation and update. McAfee you can download the DAT files and update without having to connect the server itself to the net.
On 11/25/10, Simon Wainaina <swainaina@gmail.com> wrote:
Trash McAfee and buy another antivirus. that will end the fire fighting.
On Thu, Nov 25, 2010 at 5:33 PM, muite nicholas <nmuite@googlemail.com>wrote:
Hi Guys,
I have a terminal server running win 2003 server sp1. It has been hit by the sality virus and ive tried cleaning it with McAfee VSE8.5i with latest update but to no help.
Unfortunately the server is on a highly secure intranet with no internet access allowed!! Any ideas on how i can resolve this?
Thanks in advance.
-- Muite Nicholas G mobile:+267 72900342 office:+267 3952511 email:nmuite@googlemail.com <email%3Anmuite@googlemail.com> < email%3Anmuite@googlemail.com <email%253Anmuite@googlemail.com>>, _______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Muite Nicholas G mobile:+267 72900342 office:+267 3952511 email:nmuite@googlemail.com <email%3Anmuite@googlemail.com>, _______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
none of the machines on the intranet have a connection to the internet and aviruses like kaspersky u really do need the net. or is there a way u can actually download a file for updating and storing it in a usb then transfer to the server?? Ive always known kaspersky to be online oriented like update On Fri, Nov 26, 2010 at 9:55 AM, Simon Wainaina <swainaina@gmail.com> wrote:
My friend..you only need to point the updates to a folder in a local machine that has internet, then on the workstation that requires the update, you point in to the machine that has the updates or copy to usb...SIMPLE
On Fri, Nov 26, 2010 at 10:50 AM, muite nicholas <nmuite@googlemail.com>wrote:
the problem is that all the best anti viruses require internet connection for installation and update. McAfee you can download the DAT files and update without having to connect the server itself to the net.
On 11/25/10, Simon Wainaina <swainaina@gmail.com> wrote:
Trash McAfee and buy another antivirus. that will end the fire fighting.
On Thu, Nov 25, 2010 at 5:33 PM, muite nicholas <nmuite@googlemail.com>wrote:
Hi Guys,
I have a terminal server running win 2003 server sp1. It has been hit by the sality virus and ive tried cleaning it with McAfee VSE8.5i with latest update but to no help.
Unfortunately the server is on a highly secure intranet with no internet access allowed!! Any ideas on how i can resolve this?
Thanks in advance.
-- Muite Nicholas G mobile:+267 72900342 office:+267 3952511 email:nmuite@googlemail.com <email%3Anmuite@googlemail.com> < email%3Anmuite@googlemail.com <email%253Anmuite@googlemail.com>>, _______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Muite Nicholas G mobile:+267 72900342 office:+267 3952511 email:nmuite@googlemail.com <email%3Anmuite@googlemail.com>, _______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Muite Nicholas G mobile:+267 72900342 office:+267 3952511 email:nmuite@googlemail.com <email%3Anmuite@googlemail.com>,
@Nicholas, I read your original thread that the server is in a secure intarnet. How did the virus get to it? Via USB or via local files/shares? You should consider a complete lockout and then enable only services that are needed. HTHs. On Fri, Nov 26, 2010 at 11:07 AM, muite nicholas <nmuite@googlemail.com>wrote:
none of the machines on the intranet have a connection to the internet and aviruses like kaspersky u really do need the net. or is there a way u can actually download a file for updating and storing it in a usb then transfer to the server?? Ive always known kaspersky to be online oriented like update
It is possible to run updates off a USB stick or over a network share if you do not have Kaspersky Administration Kit on your network. On 26 November 2010 11:34, aki <aki275@gmail.com> wrote:
@Nicholas, I read your original thread that the server is in a secure intarnet. How did the virus get to it? Via USB or via local files/shares? You should consider a complete lockout and then enable only services that are needed. HTHs.
On Fri, Nov 26, 2010 at 11:07 AM, muite nicholas <nmuite@googlemail.com>wrote:
none of the machines on the intranet have a connection to the internet and aviruses like kaspersky u really do need the net. or is there a way u can actually download a file for updating and storing it in a usb then transfer to the server?? Ive always known kaspersky to be online oriented like update
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
ill do some research on this coz to be honest i brushed kaspersky out as an impossiblity a while back What about installing the anti virus is it possible without the internet? don't think so really. Unless i bend the rules and connect the server to internet and disconnect the intranet just for the installation process, then reconnect to intranet. On Fri, Nov 26, 2010 at 10:50 AM, Simon Mbuthia <simon.mbuthia@gmail.com>wrote:
It is possible to run updates off a USB stick or over a network share if you do not have Kaspersky Administration Kit on your network.
On 26 November 2010 11:34, aki <aki275@gmail.com> wrote:
@Nicholas, I read your original thread that the server is in a secure intarnet. How did the virus get to it? Via USB or via local files/shares? You should consider a complete lockout and then enable only services that are needed. HTHs.
On Fri, Nov 26, 2010 at 11:07 AM, muite nicholas <nmuite@googlemail.com>wrote:
none of the machines on the intranet have a connection to the internet and aviruses like kaspersky u really do need the net. or is there a way u can actually download a file for updating and storing it in a usb then transfer to the server?? Ive always known kaspersky to be online oriented like update
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Muite Nicholas G mobile:+267 72900342 office:+267 3952511 email:nmuite@googlemail.com <email%3Anmuite@googlemail.com>,
thanks Aki, the virus got in through usb. users go to cybers and there home pc's and use the usb there and bring all these issues to work. We have actually put a strict no usb me stick policy and i think this will reduce the chances of infection. thanks for the advice On Fri, Nov 26, 2010 at 10:34 AM, aki <aki275@gmail.com> wrote:
@Nicholas, I read your original thread that the server is in a secure intarnet. How did the virus get to it? Via USB or via local files/shares? You should consider a complete lockout and then enable only services that are needed. HTHs.
On Fri, Nov 26, 2010 at 11:07 AM, muite nicholas <nmuite@googlemail.com>wrote:
none of the machines on the intranet have a connection to the internet and aviruses like kaspersky u really do need the net. or is there a way u can actually download a file for updating and storing it in a usb then transfer to the server?? Ive always known kaspersky to be online oriented like update
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Muite Nicholas G mobile:+267 72900342 office:+267 3952511 email:nmuite@googlemail.com <email%3Anmuite@googlemail.com>,
Muite. Always scan USB sticks before opening them. Something else, when using a flash disk, don't double click on it's icon, what I normally do is explore My Computer then click on the flash disk's icon on the left pane. That way, the autorun.inf file won't be called by the shell [explorer.exe]. There is also an option to disable autorun.inf by running this command in your command prompt: REG ADD "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf" /ve /d "@SYS:DoesNotExist" Me. On 26 November 2010 11:53, muite nicholas <nmuite@googlemail.com> wrote:
thanks Aki,
the virus got in through usb. users go to cybers and there home pc's and use the usb there and bring all these issues to work. We have actually put a strict no usb me stick policy and i think this will reduce the chances of infection. thanks for the advice
On Fri, Nov 26, 2010 at 10:34 AM, aki <aki275@gmail.com> wrote:
@Nicholas, I read your original thread that the server is in a secure intarnet. How did the virus get to it? Via USB or via local files/shares? You should consider a complete lockout and then enable only services that are needed. HTHs.
On Fri, Nov 26, 2010 at 11:07 AM, muite nicholas <nmuite@googlemail.com>wrote:
none of the machines on the intranet have a connection to the internet and aviruses like kaspersky u really do need the net. or is there a way u can actually download a file for updating and storing it in a usb then transfer to the server?? Ive always known kaspersky to be online oriented like update
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Muite Nicholas G mobile:+267 72900342 office:+267 3952511 email:nmuite@googlemail.com <email%3Anmuite@googlemail.com>,
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
i think kaspersky have a cleaning tool....just check it out......or you can download the trial version, install and clean the virus...u will have to either kill the mcafee service or uninistall it coz both of them running at the same time will kill it..... On Thu, Nov 25, 2010 at 5:33 PM, muite nicholas <nmuite@googlemail.com>wrote:
Hi Guys,
I have a terminal server running win 2003 server sp1. It has been hit by the sality virus and ive tried cleaning it with McAfee VSE8.5i with latest update but to no help.
Unfortunately the server is on a highly secure intranet with no internet access allowed!! Any ideas on how i can resolve this?
Thanks in advance.
-- Muite Nicholas G mobile:+267 72900342 office:+267 3952511 email:nmuite@googlemail.com <email%3Anmuite@googlemail.com>, _______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
Ha! Ditch windoze and use BSD or Linux! :D On 25 November 2010 15:46, Eric Mugo <kabugum@gmail.com> wrote:
i think kaspersky have a cleaning tool....just check it out......or you can download the trial version, install and clean the virus...u will have to either kill the mcafee service or uninistall it coz both of them running at the same time will kill it.....
On Thu, Nov 25, 2010 at 5:33 PM, muite nicholas <nmuite@googlemail.com>wrote:
Hi Guys,
I have a terminal server running win 2003 server sp1. It has been hit by the sality virus and ive tried cleaning it with McAfee VSE8.5i with latest update but to no help.
Unfortunately the server is on a highly secure intranet with no internet access allowed!! Any ideas on how i can resolve this?
Thanks in advance.
-- Muite Nicholas G mobile:+267 72900342 office:+267 3952511 email:nmuite@googlemail.com <email%3Anmuite@googlemail.com>, _______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
On Thu, Nov 25, 2010 at 9:07 PM, Andrew Wachira <washirah@gmail.com> wrote:
Ha! Ditch windoze and use BSD or Linux! :D
Quite unhelpful advise! Sometimes we must try and understand why some folks MUST run Winblows servers and accept their situations, or predicaments as some see it. -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ Damn!!
hehe this has now turn into a circus. I have downloaded stinger and removed this virus. On 11/25/10, Odhiambo Washington <odhiambo@gmail.com> wrote:
On Thu, Nov 25, 2010 at 9:07 PM, Andrew Wachira <washirah@gmail.com> wrote:
Ha! Ditch windoze and use BSD or Linux! :D
Quite unhelpful advise!
Sometimes we must try and understand why some folks MUST run Winblows servers and accept their situations, or predicaments as some see it.
-- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ Damn!!
-- Muite Nicholas G mobile:+267 72900342 office:+267 3952511 email:nmuite@googlemail.com,
Hey Nick,you can Kaspersky Virus Removal Tool http://support.kaspersky.com/viruses/avptool2010?level=2 on your infected machine and scan for the virus.Also consider upgrading your McAFee to version 8.7 it is more effective in combating virii that ver. 8.5.Regards,John Date: Thu, 25 Nov 2010 17:46:34 +0300 From: kabugum@gmail.com To: skunkworks@lists.my.co.ke Subject: Re: [Skunkworks] Sality virus i think kaspersky have a cleaning tool....just check it out......or you can download the trial version, install and clean the virus...u will have to either kill the mcafee service or uninistall it coz both of them running at the same time will kill it..... On Thu, Nov 25, 2010 at 5:33 PM, muite nicholas <nmuite@googlemail.com> wrote: Hi Guys, I have a terminal server running win 2003 server sp1. It has been hit by the sality virus and ive tried cleaning it with McAfee VSE8.5i with latest update but to no help. Unfortunately the server is on a highly secure intranet with no internet access allowed!! Any ideas on how i can resolve this? Thanks in advance. -- Muite Nicholas G mobile:+267 72900342 office:+267 3952511 email:nmuite@googlemail.com, _______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke _______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
have your server updated with the latest MS updates and you will ok. On Thu, Nov 25, 2010 at 5:33 PM, muite nicholas <nmuite@googlemail.com>wrote:
Hi Guys,
I have a terminal server running win 2003 server sp1. It has been hit by the sality virus and ive tried cleaning it with McAfee VSE8.5i with latest update but to no help.
Unfortunately the server is on a highly secure intranet with no internet access allowed!! Any ideas on how i can resolve this?
Thanks in advance.
-- Muite Nicholas G mobile:+267 72900342 office:+267 3952511 email:nmuite@googlemail.com <email%3Anmuite@googlemail.com>, _______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
participants (9)
-
aki -
Andrew Wachira -
Eric Mugo -
muite nicholas -
Nahashon Chelugo -
Odhiambo Washington -
Simon Mbuthia -
Simon Wainaina -
Vee Legrandchef