Infected while Comodo AV running

Good morning,

I really like your product; however, yesterday I got the avpo virus while Comodo AntiVirus 2.0 beta was active on my system. I got the virus from a camera. Comodo did not intercept and stop this virus from infecting my computer.

The virus consist of these files:

\ntde1ect.com
\autorun.inf
\windows\system32\avpo0.dll
\windows\system32\avpo.exe

The virus loads avpo.exe at startup, the first two files are placed in the root of every device attached to the computer. ntde1ect.com propagates the virus via autorun.inf.

As a side note I have autoruns disabled via a registry fix, so much for that :slight_smile:

I also started a scan and Comodo did not detect any of the above files.

Just thought you would like to know.

Sorry I don’t have exact version for the Comodo Comodo AntiVirus 2.0 beta I had installed.
The last virus update was 24 Nov.

Thanks for letting us all know… Which antivirus eventually caught and removed it?

Have you tried running COmodo BOClean along side CAVS? Version 3 should be coming out quite soon (probably early in the New Year with BOClean technology and signatures integrated with it.

Eric

Does CAVS scan incoming files? I’m interested in trying CAVS (but will wait 'til it’s out of Beta), but I do like the way that Avast! scans all traffic (I had to disable it to d/l test files!).

I’ve only just got a camera and, as it’s second-hand, don’t know what’s on it

CAVS 3 is meant to be a completely new animal so I’ve no idea what it’ll be like. The last testing put CAVS’s detection rate at something like 50% but once the new version is out it’s promised to be much better. FIngers crossed for January.

Sorry, my knowledge of cavs is limited as I only tried using it once. My knowledge is more CPFirewall 3 based and my god what a n improvement and great product comodo have made! Ca’t wait to see what they turn cavs into!

No problem, that why I posted. :slight_smile:

I recognized it. Not the first time. This is a common virus here, almost all photo shops are infected. I noticed that when opening My Computer the default display was shown, plus no hidden files and I could not reset it to show hidden files. Using the command prompt, did a dir /a:h looking for hidden files, found the ntde1ect.com and autorun.inf, knew what I had and cleaned it by hand and fixed my registry. I copied the files to my virus-hold directory.

My previous AV (AVG Free) has caught it before but I was unhappy with some changes made (features removed) and was trying CAVS. Then to be sure, ran ClamAV which ID’d only one file, ntde1ect.com. Ran a Kaspersky online scan, which ID’d all files. Followed by BitDefender, which also ID’d the files, but unfortunately deleted them, along with other valid files on my system even though I setup the BitDefender online scan to “Report only”. >:(

Have you tried running COmodo BOClean along side CAVS? Version 3 should be coming out quite soon (probably early in the New Year with BOClean technology and signatures integrated with it.
Not yet, but I most likely will. I like CAVS, it has promise. No real harm done and I will give it another shot soon. Right now I am trailing Kaspersky Internet Security, which is a bit to heavy for me.

If your interested in the files let me know, I managed to get the ntde1ect.com and autorun.inf off my camera, I can reinfect to get the other files if desired, I am not squeamish about these things.

I’m running KAV 7 on my faster better laptop and running Avira Antivir Premium on my XP machine. I use to also run Spyware Terminator but KAV 7 includes Spyware Protection which seems to be fairly impressive so I’ve dropped SpywareTerminator but kept crawler toolbar for ensuring I don’t go to bad sites in my google searches.

You could submit the files to Comodo, to help them build their database. :slight_smile:

http://www.personalfirewall.comodo.com/reportvirus.html