I am running windows server 2003. I did my best to complete the 8 steps of virus removal but I was not able to complete the following steps
-TFC cleanup
-GMER
TFC and GMER both froze my server, GMER actually bluescreened my server.
After the bluescreen on GMER I decided to post before completing any additional steps. I will outline my attempts below.
Day 1
I had a user recieve a warning from AVG that it detected a WIN32/heur virus/trojan horse when she attempted to access a network drive. I was unable to quarantine the file from her computer. From a webpost that I read I attempted to search for the file which was at that time name win32/heur and I was not able to find it. I ran a full scan on the network drive with AVG but it did not identify any virus or malware. I purchased AVG file server addition and Spyware doctor and ran additional scans on my server. I have also scanned with Malwarebytes - antimalware and with Norton- enterprise addition. None of these showed any threats or infections. confident that AVG was raising a false alarm I called it a day.
Day 2
Another user on a different computer that is not connected to the internet and only to the file server recieved the same warning from AVG while accessing the same network drive. This time AVG identified the file as DPWIN.EXE which is the executable file for the database we run off of that network drive. I removed the file, contacted the vendor and upon her advice completely reinstalled the database which removed and recopied everything except the data that was already recorded in the data base.
Day 2- at 8pm (present)
I have run every scan that I have on that network drive and on the hard drive and the entire server. Everything says I have no virus no threats, I have looked through every file and read several online posts about the WIN32/heur virus. based on what I have read I can't shake the feeling that this virus is lurking somewhere.
? what can I do to track this thing down and kill it?
I didn't post my log from Malware because it shows 0 infections as does AVG and Spyware Doctor. I wasn't able to complete GMER and I didn't attempt DDS although I will if recommended. I am still in school although working in an Networking position and I have not taken any network defense... any help would be appreciated.
-TFC cleanup
-GMER
TFC and GMER both froze my server, GMER actually bluescreened my server.
After the bluescreen on GMER I decided to post before completing any additional steps. I will outline my attempts below.
Day 1
I had a user recieve a warning from AVG that it detected a WIN32/heur virus/trojan horse when she attempted to access a network drive. I was unable to quarantine the file from her computer. From a webpost that I read I attempted to search for the file which was at that time name win32/heur and I was not able to find it. I ran a full scan on the network drive with AVG but it did not identify any virus or malware. I purchased AVG file server addition and Spyware doctor and ran additional scans on my server. I have also scanned with Malwarebytes - antimalware and with Norton- enterprise addition. None of these showed any threats or infections. confident that AVG was raising a false alarm I called it a day.
Day 2
Another user on a different computer that is not connected to the internet and only to the file server recieved the same warning from AVG while accessing the same network drive. This time AVG identified the file as DPWIN.EXE which is the executable file for the database we run off of that network drive. I removed the file, contacted the vendor and upon her advice completely reinstalled the database which removed and recopied everything except the data that was already recorded in the data base.
Day 2- at 8pm (present)
I have run every scan that I have on that network drive and on the hard drive and the entire server. Everything says I have no virus no threats, I have looked through every file and read several online posts about the WIN32/heur virus. based on what I have read I can't shake the feeling that this virus is lurking somewhere.
? what can I do to track this thing down and kill it?
I didn't post my log from Malware because it shows 0 infections as does AVG and Spyware Doctor. I wasn't able to complete GMER and I didn't attempt DDS although I will if recommended. I am still in school although working in an Networking position and I have not taken any network defense... any help would be appreciated.
