Hi everybody,
I have five PCs in a remote office that are having some issues. When they are connected to our LAN they flood port 445. That points to the Deloder virus but we did not detect it. Currently the PCs all run McAfee VSE 7 with DAT 4339 and Deloder is over a year old. I had the on-site tech check for the various Deloder and payload files, none were present.
The other symptoms were that you can't open regedit, task manager or a command line. They all open and then close right away. When you attempt to run a scan with McAfee it starts OK then finishes within a second or two. It can be run from Safe Mode but nothing is detected.
We did run the Stinger tool from McAfee (a stand alone virus detection, it looks for the more prevalent viruses like Mydoom, sircam, netsky, etc.) but that too came up empty.
Ran Adaware but nothing was detected that changed the symptoms.
The machines all run W2K SP3 and current Critical Updates, P4 @ 2.6 and 512 MB RAM.
Any suggestions would be greatly appreciated.
--itswork
I have five PCs in a remote office that are having some issues. When they are connected to our LAN they flood port 445. That points to the Deloder virus but we did not detect it. Currently the PCs all run McAfee VSE 7 with DAT 4339 and Deloder is over a year old. I had the on-site tech check for the various Deloder and payload files, none were present.
The other symptoms were that you can't open regedit, task manager or a command line. They all open and then close right away. When you attempt to run a scan with McAfee it starts OK then finishes within a second or two. It can be run from Safe Mode but nothing is detected.
We did run the Stinger tool from McAfee (a stand alone virus detection, it looks for the more prevalent viruses like Mydoom, sircam, netsky, etc.) but that too came up empty.
Ran Adaware but nothing was detected that changed the symptoms.
The machines all run W2K SP3 and current Critical Updates, P4 @ 2.6 and 512 MB RAM.
Any suggestions would be greatly appreciated.
--itswork