Weird Virus found
Page 1 of 3 123 LastLast
Results 1 to 10 of 23

Thread: Weird Virus found

  1. #1
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683

    Weird Virus found

    Hi all

    Just went to a company. They have 3 computers hooked to a switch. The computers are able to ping each other however they cannot get to network shares.

    The error in the attachment keeps popping up on all workstations.

    The virus that AVG Network edition picked up a virus :Win32/Heur - Cant seem to find any information on it.

    I ran a virus scan, ad ware, scan disk and normal troubleshooting. Couldn't find anything except the virus.

    Now before I haul all the machines away I just wanted to find out if anyone has any information on this virus and/or can troubleshoot my problem.

    They are all running XP Professional and AVG. However one of the machines had F-Secure on which I removed and placed AVG on it.

    Thank you for your time.
    Last edited by Cider; October 25th, 2010 at 01:25 PM.
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein

  2. #2
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    Can you try an online scan...get a second opinion??

    Where does the virus live??? what directory??

    What are the file names??

    MLF
    How people treat you is their karma- how you react is yours-Wayne Dyer

  3. #3
    Senior Member Aardpsymon's Avatar
    Join Date
    Feb 2007
    Location
    St Annes (aaaa!)
    Posts
    434
    assuming AVG cleaned the virus ok, try reinstalling the netbios protocol and recreate the shares.
    If the world doesn't stop annoying me I will name my kids ";DROP DATABASE;" and get revenge.

  4. #4
    Senior Member WolfeTone's Avatar
    Join Date
    Jun 2007
    Location
    Ireland
    Posts
    197
    Is there a firewall installed that is blocking anything?

  5. #5
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867
    See the discussion in the link below on "possible" false positives and how to confirm whether a file is actually infected.
    "Heur" is short for heuristic which means a malware signature wasn't detected but something about the files was suspect enough that AVG reported it to you.
    http://forum.grisoft.cz/freeforum/re...,100014,100026
    DjM

  6. #6
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,191
    Try this:

    1. Check that the switch isn't defective.
    2. Look in the AVG virus vault/scanning logs and see what files it has quarantined or deleted.
    3. You can try to reinstall them from the Windows CD if you know what they are.
    4. Run a system file check.
    5. Reformat and reinstall if none of the above work. Try a repair install first.
    Last edited by nihil; August 20th, 2007 at 08:40 PM.
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  7. #7
    Junior Member
    Join Date
    Jun 2005
    Posts
    11
    did you try connecting via IP address rather than hostname? it may be a simple dns issue.

  8. #8
    Junior Member
    Join Date
    Feb 2004
    Location
    Greece
    Posts
    16
    "Heur" stands for heuristic as DjM said. A virus that avg cant possibly identify. Try another
    antivirus program like avira, my favourite, you can find it free at free-av.com
    IF it is a virus issue ofcourse.
    If it is a hardware issue as nihil said, try yo run 2 live cd's with something like
    linux or winpe to see. But anyway, ping is working...
    Did you check if NetBIOS service is up and running normally on each workstation?
    Everyone gets away with something. No one gets away with everything...

  9. #9
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683
    Thanks for the info guys. I will be going back there today with all your thoughts and hopefully the problem will be sorted out. Ill let everyone know what the problem and solution was.

    Thank you again.
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein

  10. #10
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,324
    You didn't say what type of environment you're in too. Just a workgroup? Domain? Trying to connect to another workstation's share? Server share? As suggested, try with ip, not computer name. Is the computer browser service running? netbios? What bout server service on the machine doing the sharing? Can you scan and connect to the correct ports? Try to delete/recreate the share. Make sure file/print is enabled. Check the logs for permissions problems. (enable auditing for a better idea of what is going on)

    If you're going to run the online virus scan, try to do it in safe mode (with networking) after the activex/java client has been loaded on the machine. I'm not sure if the activex/java client will install if you go right to safe mode. You may have to load it first.
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

Similar Threads

  1. Virus Circulating Via Email
    By HTRegz in forum AntiVirus Discussions
    Replies: 8
    Last Post: September 26th, 2006, 09:28 PM
  2. McAfee SiteAdvisor red flags AO
    By ShagDevil in forum Miscellaneous Security Discussions
    Replies: 12
    Last Post: September 3rd, 2006, 04:54 AM
  3. Denial of Service
    By M@rin3 Snip3r in forum AntiOnline's General Chit Chat
    Replies: 6
    Last Post: September 24th, 2003, 03:59 AM
  4. Virus Types
    By Alcatraz in forum The Security Tutorials Forum
    Replies: 7
    Last Post: July 25th, 2002, 11:15 AM
  5. First JPEG virus identified...
    By jehnx in forum AntiVirus Discussions
    Replies: 10
    Last Post: June 16th, 2002, 02:16 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides