Jump to content
IObit Forum
Top Free Driver Updater Tools Best 25 PC Optimization Software Best 22 Antimalware Best 22 Uninstaller Software IObit Coupons & Discount Offers PC Optimizer Mac Boost Advice IObit Coupons A Good Utility Program From IObit IObit Promo Codes IObit Coupon Codes IObit Coupons and Deals FAQs Driver Booster Pro Review

win32.polip.a and Iobit security 360


ha14

Recommended Posts

Hi

 

As solbjerg asked me to report, that alongside iobit security 360 an antivirus should be present since I had a copy of win32.polip.a which I submitted to scan with the latest iobit security 360 and it was not detected as a malware the same was with Malwarebytes antimalware, superantispyware, Spybot and Spyware doctor. But my antivitus avast pro didnt even let me to download it to my desktop. Well I terminated avast pro then I download it and opened it then I reactivated the avast pro and scanned it which gaved me an alert and asked to delete it from the desktop.

 

solbjerg told me that win32.polip.a is a highly dangerous virus (worm like), and advise me to report to the forum. So that to have the idea that an antivirus with real time monitoring should be present on the windows desktop.

 

 

W32/Polip is a memory-resident virus that uses entry-point obfuscation techniques. When infecting, the virus replaces all calls or jumps to an imported function used by the host file (randomly chosen by the virus) with obfuscated calls to an advanced polymorphic decryptor.

It is a polymorphic virus that injects itself into running processes in order to conceal its presence.

Uses Gnutella protocol to spread through p2p clients like BearShare that implements this protocol.

 

Searches the directories that have following strings in their name. Infects .exe and .scr files within these directories.

:\program files

:\windows

:\win98

:\win98se

:\winxp

:\win2000

:\winnt

:\winme

 

Whenver it selects a file to infect it searches for following checksum databases in the directory. If present it will delete the checksum database file.

drwebase.vdb

avg.avi

vs.vsn

anti-vir.dat

avp.crc

chklist.ms

ivb.ntz

ivp.ntz

chklist.cps

smartchk.ms

smartchk.cps

aguard.dat

avgqt.dat

lguard.vps

 

WOW

Link to comment
Share on other sites

Hi ha

Yes I told you to report it so that users could see that it is necessary to have an antivirus program to catch the viruses - while IObit Security 360 will take care of spyware and other malware if you run it alongside your antivirus application.

You certainly shouldn't keep it - let your antivirus program delete it!!

Cheers

solbjerg

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...