so i got this report this morning:
avast! [CNCMACHINE1]: File “E:\autorun.inf” is infected by “BV:AutoRun-G [Wrm]” virus.
“Resident protection (Standard Shield)” task used Version of current VPS file is 090916-0, 09/16/2009
after inserting a factory stamped windows xp cd.
brilliant guys, if a file is called ‘autorun.inf’ lets just tag it as a virus anyway.
perfect.
please go back to assigning virus labels based on FILE CONTENT and not just the FILE NAME.
Download Flash_Disinfector.exe by sUBs from here and save it to your desktop.
* Double-click Flash_Disinfector.exe to run it and follow any prompts that may appear.
* The utility may ask you to insert your flash drive and/or other removable drives including your mobile phone. Please do so and allow the utility to clean up those drives as well.
* Wait until it has finished scanning and then exit the program.
* Reboot your computer when done.
Note: Flash_Disinfector will create a hidden folder named autorun.inf in each partition and every USB drive plugged in when you ran it. Don’t delete this folder…it will help protect your drives from future infection.
Can you please send that file, we detect, in password protected archive i.e. zip with password i.e. infected to virus@avast.com and to subject write “False positive” and to body insert link to this forum topic.
could this be how it was detected:
"if 'autorun.inf' points to *recycle*\*\setup.exe, call it a virus"
regardless if setup.exe is a virus (living in recycle bin), but simply in existence?
Yes, it could be – running some files from recycle bin is strange, isn’t it?