problems in updating virus definition

[withivy]

hi again

I have a win2003sp1 server with  avast server edition installed
vps 0635-4
prg version 4.7.638

the vps is not updated since last week
when i try to perform a manual update in avas log viewer i see

function setifaceupdatepackages failed. return code is 0x00000005 dwres is 00000005

moreover in the last few days when users login, after a while it is detected
Win32:small-BTH[Trj] and
Win32:small-BTS[Trj]

then, even if the trj is deleted, at next login the message appears again

everytime the trj is found there is a message in event viewer (and in avast log viewer)

Storage Query "INSERT INTO AgentPathNames(Name) Values(?);" failed. Error description "unable to open database file[1]."

this behavior reminds me that of my previous thread...

thanks

[Lisandro]

return code is 0x00000005

This means access denied...
Maybe you don't have access to the object at that time... or the process that tried to manage the object.

Storage Query "INSERT INTO AgentPathNames(Name) Values(?);" failed. Error description "unable to open database file[1]."

Strange... But why don't you update avast program?
The last avast! Server Edition is 4.7.660 of 7.9.2006.

[withivy]

that's true
i planned the next program update tomorrow morning
my problem is that everytime i update the program, avast wants to restart my server
so i've to perform updating only when i am sure there are no user (or they are informed of the restart)
if you have a tip for avoiding the restart after program update you'll make me happy 
thanks

[withivy]

one more thing

i found in the 'startup folder' of 'all users' a suspicios file
it's name is w32.exe

posting to virusscan.jotti.org

AntiVir Found Trojan/PSW.Agent.IK
ArcaVir Found Trojan.Psw.Agent.Ik
Avast Found nothing
AVG Antivirusv Found PSW.Agent.CJK
BitDefender Found Trojan.PWS.Agent.CZ
ClamAV Found nothing
Dr.Web Found nothing
F-Prot Antivirus Found nothing
Fortinet Found nothing
Kaspersky Anti-Virus Found Trojan-PSW.Win32.Agent.ik
NOD32 Found Win32/Agent.NDH
Norman Virus Control Found W32/Agent.AKRF
UNA Found nothing
VirusBuster Found nothing
VBA32 Found Trojan-PSW.Win32.Agent.ik

i'm sorry, i deleted it, but as an effect the two previously said viruses doesn't manifest themselves at startup

excuse me if i am mixing three topics together

the question on my previous post is still valid

thanks

[Lisandro]

i'm sorry, i deleted it, but as an effect the two previously said viruses doesn't manifest themselves at startup

It's a pity... seems an infected file indeed. Next time, please, send to virus@avast.com for analysis.

If you have a tip for avoiding the restart after program update you'll make me happy

From page 34 of Chapter 6 of avast! Distributed Network Manager (ADNM) Administrator’s Guide.
Basic updating parameters for a machine can be set via the group’s properties in the Computer Catalog. This includes the auto-update interval and the update
source. Figure 6.5. Computer group’s Updating configuration page.
Updating tasks: Using the ADNM for on-demand updating. There’s a special task type: the updating task. To create an updating task, navigate to the Updating tasks folder, and select New Task. Choose Updating in the Task type field, and specify the target machines for this task on the Computers page. You can also customize the way the program handle the situation where a reboot of a client computer is required to complete the update. 

[withivy]

hi
it's back again
same files infected (ruhh1.exe and [random].tmp) at logon
and same w32.exe in automatic execution folder
now i send a zipped pw protected to virus@avast.com
my prg version is now 4.7.660 and vps 0637-0

this is the result scan of jotti
 AntiVir  Found Trojan/PSW.Agent.IK
ArcaVir Found Trojan.Psw.Agent.Ik
Avast Found nothing
AVG Antivirus Found PSW.Agent.CJK
BitDefender Found Trojan.PWS.Agent.CZ
ClamAV Found nothing
Dr.Web Found nothing
F-Prot Antivirus Found W32/Trojan.JBP
Fortinet Found Spy/Agent
Kaspersky Anti-Virus Found Trojan-PSW.Win32.Agent.ik
NOD32 Found Win32/Agent.NDH
Norman Virus Control Found W32/Agent.AKRF
UNA Found nothing
VirusBuster Found nothing
VBA32 Found Trojan-PSW.Win32.Agent.ik