Topic: A virus that some antivirus can't detect (win32subservice) ??

[duomaxwell22]

Guys,
 I have been monitoring this virus named as "win32subservice"
it spread itself thru your usb and other removable media.
hard to say, mcafee, avg, avira, live onecare, and avast can't see this as harmful as it is..

i got this in our company PCs.. that infect almost all exe files.. and activates itself when you open the infected exe file..

the worst, it disables you to your internet connection and silently operates your mail..

i have experience this much since it is hard to remove in my hard disk that all i can do is to reformat. been trying many antivirus so far but yet it doesnt seem to work.

as my corrective action, i restricted my usb flash drive to be inserted in our company PCs anymore to prevent reinfection.

[haz]

There is a website that scans any file you upload with almost all the virus scanners in the world ! I suggest you upload a small suspect file and see if any of these antiviruses identify the virus.
here is the website :
http://virusscan.jotti.org/
you will know what anitvirus to use if the virus was identified.
Hope that helps.

[Samker]

Guys,
 I have been monitoring this virus named as "win32subservice"
it spread itself thru your usb and other removable media.
hard to say, mcafee, avg, avira, live onecare, and avast can't see this as harmful as it is..

i got this in our company PCs.. that infect almost all exe files.. and activates itself when you open the infected exe file..

the worst, it disables you to your internet connection and silently operates your mail..

i have experience this much since it is hard to remove in my hard disk that all i can do is to reformat. been trying many antivirus so far but yet it doesnt seem to work.

as my corrective action, i restricted my usb flash drive to be inserted in our company PCs anymore to prevent reinfection.

Maybe you could also provide us HijackThis & Kaspersky Online Scan logs?

http://scforum.info/index.php/topic,734.0.html

In that case SCF Team will also try to help you... 

[jake2pointzero]

Can the VSE 8.5i detect such virus. I have not been infected yet.

[duomaxwell22]

Thanks haz for the help..
@ Mr.Samker i have idea about HiJackthis.. but now im also trying Kaspersky.
VSE 8.5i cant detect this jake, it just limits the operation of it.

Thanks alot!

[Payam20]

Oh, yes...McAfee 8.5i can't detect this !

[bodarc]

The way some of the latest virii work, Safe Mode scanning is even ineffective.  Make a BartPE bootdisk and install some "portable" AV scanners ...the type that run without installing.  Then you can scan your infected hard disk from a bootable CD/DVD in Windows Preinstallation environment and not your infected O/S.  Try "ClamWin" portable A/V.  Of course this is an advanced techy thing, I mean you have to have or be able to create a bootable BartPE disk and add applications like ClamWin.  If infected with this stuff, try my idea and report back your results with ClamWin.  Just google clamwin and bartpe... you'll get there.

TECHTIP: extract the downloaded ClamWin and install it on your desktop run the exe and allow it to update latest DAt files, then copy that updated "install" (doesn't truly install as such) to your Bart disk (and your Thumbdrive! ..oh yeah after using it to SCAN your thumbdrive ...which is likely the source of your infection ;-)