We have a small office with a Dell Poweredge 2950 file server running Ubuntu 10.04.4. It is on 24/7 and wired to several workstations running Window 7 Pro, Windows 8 Pro, and Windows 8.1 Pro. The only antivirus in use on these workstations is Microsoft Security Essentials or Windows Defender.
Several days ago, a Full Scan in Defender detected these 2 items:
FolderA is a shared network folder/drive residing on the file server, which is also shared in its entirety as drive Z.
Defender's suggestion is to remove them, so they were removed.
However, scanning again immediately afterward, using MSE or Defender, shows the same two worms. Webroot, Avast, Kaspersky, Panda, Malwarebytes were also tried, but either did not detect the worms (though some of those programs may not have the ability to scan a network drive) or removed them only for the worms to reappear, as MSE and Defender.
Local scans of several Windows 7 and Windows 8 workstations were done, but the worms are not detected locally in drive C, only in the shared FolderA on the file server.
How should I go about removing these worms?
Edited by fakerecy, 14 January 2015 - 05:47 PM.