Generic Malware
Hello! When i do a full system scan it detects this C:\WINDOWS\system32\usrserv.exe (full Dump) and under status it suspects it is malware. Also this thing is orange in colour not sure why. Also ocassionally bit defender tells me it has block usrserv.exe from connecting to the internet. This started happening after I opened some stupid file sent by my friend through MSN. Thanks
Comments
-
Place the file in an archive with the password "infected" and attach it to your next pot. It could be a new malware, indeed!
Best regards!0 -
Here is the virus scan result. Also i cant access the file. And trojan.vundo is also appearing now
/applications/core/interface/file/attachment.php?id=1282" data-fileid="1282" rel="">virus_scan.txt
0 -
As AndreiASM suggested, please attach the infected sample(s) (not the log).
Here is the virus scan result. Also i cant access the file. And trojan.vundo is also appearing now0 -
byxvtsq.rar: Cannot open C:\WINDOWS\system32\byxvtsq.dll
A device attached to the system is not functioning.
This is what is says when i try to attach it.0 -
You should disable the real-time protection temporarily when attaching, because otherwise it will block access to the file.
Best regards.0 -
You should disable the real-time protection temporarily when attaching, because otherwise it will block access to the file.
Also, don't attach the file as-it-is, because the forum doesn't allow executable files to be attached (exe, dll, com, etc...).
Instead:
- disable realtime protection
- put that file in an archive (ZIP archive, with the password infected)
- attach the ZIP (you ae allowed to do this)
- re-enable the realtime protection.
Cris.0 -
Also, don't attach the file as-it-is, because the forum doesn't allow executable files to be attached (exe, dll, com, etc...).
Instead:
- disable realtime protection
- put that file in an archive (ZIP archive, with the password infected)
- attach the ZIP (you ae allowed to do this)
- re-enable the realtime protection.
Cris.
ok but i dont quite understand how to disable real time protection. Could someone please explain or give me a link so I can figure it out please0 -
Read this topic: http://forum.bitdefender.com/index.php?showtopic=3608
Cris.0 -
sorry about post before i found out now and here are the files detected by the full system scan
/applications/core/interface/file/attachment.php?id=1303" data-fileid="1303" rel="">byxvtsq.rar
0 -
does the download work cause i cant seem to download it myself so did i do it wrong
0 -
only forum leaders have the permission to download attachmentes on this area. Thanks for the sample.
Cheers!0 -
Oh ok thanks for telling me that
0 -
The virus has stopped me from doing a full system scan now.
0 -
"Forum leaders" means (in this context) "Virus researchers" (the term I prefer ), and this restriction is in place because most of the files attached are malware and we would like to prevent people from getting infected by mistakenly downloading and executing files from our forum.
Anyways, the file is already detected as "Trojan.Vundo.DVN" and BD should block any access to it if it has the real-time protection (on-access scanning) enabled.
Best regards.0