We're wondering has anyone seen this type of virus/worm before?
Our antivirus software (AVG-8) was not able to detect it.
It occurred on an XP pro-SP3 workstation, (on a LAN, with internet access).
The virus installs the following software, spontaneously:
MS SQL server 2004, SQL server native client, native support files, vss writer, SQL writer, MSXML 6 SP2, ms compression client pac 1 for xp, ms office 2003 web components, ms office small buisiness connectivity components, visual c++.
In the programs folder, there were 60+ copies of an sql directory, containing hotfix.exe, amounting to several GB!
Trying to delete those folders gave "access denied", until we went to the security tab of each folder, gave ourself rights, to delete it.
Then we manually uninstalled the bogus programs, and disabled suspicious looking processes. That seems to have fixed it, so far.
But while the affected hard drive was connected to another XP machine, (through a USB adapter), the virus jumped on the other PC and did the same thing! requiring the same manual process to delete it. We would appreciate any feedback or additional information on this.
All 3 Replies
Be a part of the DaniWeb community
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts learning and sharing knowledge.