![]() (Not making a pitch for another’s software so I am leaving its name out unless asked) I have seen another real-time scanner I have on one machine pick this virus up but with a slight delay (seconds), but it did detect the virus. ![]() I deploy Comodo as scheduled AV and real-time scanner and ClamAV for windows as a backup scheduled AV scanner. The virus needs to be removed quarantining the virus does not get rid of it only removing does. My current security settings being what they are, just simply inserting the infected USB drive does not infect but when a file on the USB drive is opened the computers recycler is infected, undetected by the real-time scanner. ![]() This was confirmed by doing a controlled test with a sample of this virus on a clean machine. Between scheduled scans an infection can re-occur. My concern is that even though scheduled and manual scans pick this virus up the real-time scanner is not, even with the settings set higher than default. It does list the virus as being but I have only seen the files it creates and some of the things it does. This link will take you to a threatexpert page showing the recycler infections and other information similar to what I am experiencing with this virus. The autorun batch points to this virus in the recycler so that it can infect other machines it is connected to even if the autorun is disabled when you open a file on the USB drive, it infects the computer. ![]() When USB drives are inserted into a computer that has this \recycler*\xop32.exe in the recycler, the USB devices recycler is infected and an autorun.inf file is written to the USB device or if an autorun.inf already exists, it gets over written and hidden. ![]() On some of the computers that I use with Comodo, I am having an issue with a virus that infects the recycler. ![]()
0 Comments
Leave a Reply. |