Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

SHEUR4.1WB virus


  • Please log in to reply
3 replies to this topic

#1 PGHinBKK

PGHinBKK

  • Members
  • 339 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bangkok, Thailand
  • Local time:12:04 PM

Posted 19 October 2012 - 11:39 PM

Hello all!

I was recently given an older desktop computer with a Seagate 80gb HDD. Every time I plugged a flashdrive into it, it showed there were several 'viruses' on the flashdrive, and so I'd plug the flash into my laptop, rescan it (with AVG 2013), and was told the viruses were the SHEUR4.1WB Trojan. I'd delete them and try again. I got tired of this, and pulled the HDD. I scanned it through the AVG program, via an adapter box so that it could be hooked up to the USB port, and saw the same viruses and deleted them. When I reinstalled it, they reappeared. Can these viruses hide somewhere on the mainboard? I did the whole procedure again, scanned the flash and the HDD, reinstalled, and got the same results. It apparently attacks the commands that designate a folder, as the folders I put on the flashdrive were not visible, and the icons for the several files of the virus all showed them to be 176kb in size.


This virus seems to be common here (in SE Asia) and as the files are labeled as 'Porn', 'Sexy' and a notepad file called 'passwords', apparently many students download them from the internet cafes and spread them.

This HDD has Windows XP installed, and opens fine, but I cannot add any new files to it because of these viruses, and I want to use it for games for my little girl. Where else in this desktop can I look?

The person who gave me the unit has over 30gb of docs stored on it, and most of them are in Thai. Can the virus be hiding in there somewhere that it is not detected because of the different language and fonts?

Thanks

Edited by PGHinBKK, 19 October 2012 - 11:41 PM.

Life is strange......and then there's Thailand....

BC AdBot (Login to Remove)

 


#2 Jimbob85

Jimbob85

  • Members
  • 308 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:VA, USA
  • Local time:12:04 AM

Posted 29 October 2012 - 08:56 AM

If there is nothing that you need to save and you want to use the pc for your child for games I would suggest that you reload xp and that should solve the malware problems.

#3 PGHinBKK

PGHinBKK
  • Topic Starter

  • Members
  • 339 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bangkok, Thailand
  • Local time:12:04 PM

Posted 31 October 2012 - 06:47 AM

Jimbo,

Thanks for the reply. I've done that in the past, and, in a nutshell, it doesn't always do so. However, I managed to get Avira loaded into the HDD, and it found a TXCRYPT.gen (or something close to that, lol) virus that AVG had apparently overlooked. I reinstalled it, and it is now working OK. My little one loves the games and, knock-on-wood, it will run for a while longer. It is not on the net, and I will check my flashdrives before any time I load a new game, so it should remain clean.

Thanks for the interest though, and great avatar. Go MOPAR! Living over here, I really miss cars with balls.

Thanx! :thumbup2:
Life is strange......and then there's Thailand....

#4 Jimbob85

Jimbob85

  • Members
  • 308 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:VA, USA
  • Local time:12:04 AM

Posted 31 October 2012 - 07:38 AM

Glad you got it resolved! If you ever need any help were here and glad to do what we can!!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users