A classmate of mine asked me to edit a word document in his flash drive. While I was opening my classmate’s flash drive, I saw he got some autorun ■■■■ from an internet cafe. The folders where hidden and replaced with executable with an attempt to look like legitimate folders, technically ones with windows folder icon.
Usually, the ones I encounter where the ones that don’t replace the location on of the original folder. For example “Folder1” will be hidden and replaced by “Folder1.exe”. This one is a special case, all the folders where in a “_” folder. I tried to enter the a folder name, but Windows instead tried to open the executable. ■■■■! When all hell seems on the loose, Comodo’s HIPS managed to snag the process, saving me possible headache of removing the malware. I got logs to prove how Comodo saved my ■■■.