We ran the Trendmicro Housecall on our Win2000 server and found the following viruses that can not be cleaned.
Do you know the best way to clean these viruses ? Do I need to reboot the machine in a safe mode, go to DOS prompt, unhide the directory and files, and delete them ? How do you unhide directories and files in DOS ?

• Bkdr./bounce.a. It is in c:\winnt\system32\config\services.exe.
• Troj SQLSpida.B. It is in c:\winnt\system32\drivers\services.exe. This is a hidden file that was only shown when when I select to “Show all hidden files and directories” in Windows explorer.
• HTML_Netsky.P. It is in c:\program files....\RYGJYXY0* Layer2 nonamefl*. In Windows explorer, when I select to “Show all hidden files and directories”, I still can not see this directory.
• IRC/Flood.ap Trojan at c:\winnt\system32\OCXDLL.EXE\DLL32NT.HLP.

Thanks in advance.

I forgot to mention that except for the machine where we found RC/Flood.ap Trojan, we have installed Symantec AV on the servers, and they have the latest virus definition.

Click on my signature, than on “malware removal instructions” do as mentioned on that page.

Every malware can be removed. One of the conditions to met before you can remove it, is that it is not in use when trying to do so.

Thanks.

One of the conditions to met before you can remove it, is that it is not >in use when trying to do so.
That means either kill the program containing the virus in the Task Manager or I have to reboot in a safe mode, right ?

THanks.

Can I install AVG on a Win2000 server ?

Sure, if you pay for avg (I think you need their SoHo edition).

For a server OS you need a server av, normally.

Did you do as explained on the page I pointed you to earlier?