Members
Stats
  • Total Posts: 28498
  • Total Topics: 8238
  • Online Today: 842
  • Online Ever: 51419
  • (01. January 2010., 10:27:49)












Author Topic: A virus that some antivirus can't detect (win32subservice) ??  (Read 2863 times)

0 Members and 1 Guest are viewing this topic.

duomaxwell22

  • SCF Member
  • **
  • Posts: 70
  • KARMA: 15
  • Gender: Male
  • If it is too good to be true, Don't believe it!
Guys,
 I have been monitoring this virus named as "win32subservice"
it spread itself thru your usb and other removable media.
hard to say, mcafee, avg, avira, live onecare, and avast can't see this as harmful as it is..

i got this in our company PCs.. that infect almost all exe files.. and activates itself when you open the infected exe file..

the worst, it disables you to your internet connection and silently operates your mail..

i have experience this much since it is hard to remove in my hard disk that all i can do is to reformat. been trying many antivirus so far but yet it doesnt seem to work.

as my corrective action, i restricted my usb flash drive to be inserted in our company PCs anymore to prevent reinfection.

Samker's Computer Forum - SCforum.info





haz

  • SCF Advanced Member
  • ***
  • Posts: 117
  • KARMA: 26
  • Gender: Male
There is a website that scans any file you upload with almost all the virus scanners in the world ! I suggest you upload a small suspect file and see if any of these antiviruses identify the virus.
here is the website :
http://virusscan.jotti.org/
you will know what anitvirus to use if the virus was identified.
Hope that helps.

Samker

  • SCF Administrator
  • *****
  • Posts: 7206
  • KARMA: 291
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum
Guys,
 I have been monitoring this virus named as "win32subservice"
it spread itself thru your usb and other removable media.
hard to say, mcafee, avg, avira, live onecare, and avast can't see this as harmful as it is..

i got this in our company PCs.. that infect almost all exe files.. and activates itself when you open the infected exe file..

the worst, it disables you to your internet connection and silently operates your mail..

i have experience this much since it is hard to remove in my hard disk that all i can do is to reformat. been trying many antivirus so far but yet it doesnt seem to work.

as my corrective action, i restricted my usb flash drive to be inserted in our company PCs anymore to prevent reinfection.



Maybe you could also provide us HijackThis & Kaspersky Online Scan logs?

http://scforum.info/index.php/topic,734.0.html

In that case SCF Team will also try to help you...  :police:




jake2pointzero

  • SCF Member
  • **
  • Posts: 53
  • KARMA: 6
Can the VSE 8.5i detect such virus. I have not been infected yet.

duomaxwell22

  • SCF Member
  • **
  • Posts: 70
  • KARMA: 15
  • Gender: Male
  • If it is too good to be true, Don't believe it!
Thanks haz for the help..
@ Mr.Samker i have idea about HiJackthis.. but now im also trying Kaspersky.
VSE 8.5i cant detect this jake, it just limits the operation of it.

Thanks alot!

Payam20

  • SCF Member
  • **
  • Posts: 31
  • KARMA: 2
Oh, yes...McAfee 8.5i can't detect this !

bodarc

  • SCF Member
  • **
  • Posts: 13
  • KARMA: 2
The way some of the latest virii work, Safe Mode scanning is even ineffective.  Make a BartPE bootdisk and install some "portable" AV scanners ...the type that run without installing.  Then you can scan your infected hard disk from a bootable CD/DVD in Windows Preinstallation environment and not your infected O/S.  Try "ClamWin" portable A/V.  Of course this is an advanced techy thing, I mean you have to have or be able to create a bootable BartPE disk and add applications like ClamWin.  If infected with this stuff, try my idea and report back your results with ClamWin.  Just google clamwin and bartpe... you'll get there.

TECHTIP: extract the downloaded ClamWin and install it on your desktop run the exe and allow it to update latest DAt files, then copy that updated "install" (doesn't truly install as such) to your Bart disk (and your Thumbdrive! ..oh yeah after using it to SCAN your thumbdrive ...which is likely the source of your infection ;-)

 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.scforum.info:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising