Rookie
Virus found in pendrive by ESET but avast and MBAM say it is clean.
I plugged my pendrive into my uni computer and their AV (ESET) said it detected a virus in my pendrive, and I pressed clean, but I think it didn't clean. They are using ESET v2.th turn
So I came back and scanned it with avast free and MBAM and both turned up clean. Decided to go further by opening it in sandboxie (my pendrive) and no prompt from avast or Comodo Defense +.
Scanned it with ESET Online Scanner and it gave me the following result:
H:\alice.alc VBS/AutoRun.AO virus
But when I open my pendrive, there is no alice.alc file even with show hidden files, folders and drives enabled?
How do I look for the file that is not there and upload it to virustotal or to avast for investigation?
Thoughts are like a never ending ocean where it is deep, endless and dangerous
-
Administrator
Probably the file has system attribute.
Go to Control Panel > Folder Options > Uncheck Hide protected operating system files.
Check the file and see if it's there.
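The same check can be done from PowerShell without changing any Explorer settings. This is an added example, not part of the original post: it lists files carrying the Hidden or System attribute on the drive, hashes them for a VirusTotal lookup, and reports whether autorun.inf is present. The function name and the `$Drive` parameter are assumptions; `H:\` is the letter from the ESET result above.

```powershell
# Added example (not from the thread). Requires PowerShell 4.0 or later (Get-FileHash).
# $Drive is an assumption; H:\ is the drive letter shown in the ESET result above.
param([string]$Drive = 'H:\')

function Get-HiddenDriveFile {
    param([Parameter(Mandatory)][string]$Root)

    # Hidden = 2, System = 4; a file with either bit set is hidden by Explorer defaults.
    $mask = [int][IO.FileAttributes]::Hidden -bor [int][IO.FileAttributes]::System

    # -Force makes Get-ChildItem return Hidden and System items as well.
    Get-ChildItem -LiteralPath $Root -File -Force -Recurse -ErrorAction SilentlyContinue |
        Where-Object { ([int]$_.Attributes -band $mask) -ne 0 } |
        ForEach-Object {
            [pscustomobject]@{
                Path       = $_.FullName
                Attributes = $_.Attributes
                SizeBytes  = $_.Length
                Modified   = $_.LastWriteTime
                # Hashing only reads the file; nothing is opened or executed.
                SHA256     = (Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256).Hash
            }
        }
}

$found = @(Get-HiddenDriveFile -Root $Drive)
if ($found.Count -eq 0) {
    Write-Output "No hidden or system files found under $Drive"
} else {
    $found | Format-List
}

# The thread also turns on whether autorun.inf exists, so check the drive root explicitly.
$autorun = Join-Path $Drive 'autorun.inf'
if (Test-Path -LiteralPath $autorun) {
    Write-Output 'autorun.inf present:'
    Get-Content -LiteralPath $autorun -Force
} else {
    Write-Output "autorun.inf not present in $Drive"
}
```

The SHA256 value can be searched on VirusTotal before deciding whether to upload the file itself.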
-
Malware Hunter
Probably a false positive, since both avast and MBAM have better detection than ESET. Enable hidden file viewing as Raymond has suggested and upload it to Virustotal.
-
Administrator
Did some research on "alice.alc" and indeed it is malware.
It infects USB drives, and I believe autorun.inf is not present in Lunarwolf's USB drive, which is why MBAM and Avast did not detect it as a threat.
-
Rookie
Here is the virustotal link.
http://www.virustotal.com/file-scan/...bff-1322299528
From the results, it does look like malware.
-
Supernova
You had better use some additional protection like No Autorun or Antirun, because signature-based anti-malware tends to miss things. Malwarebytes, though very efficient, is not intended to be a replacement for an antivirus. I am surprised that Avast failed to detect it. You need to submit the file to them (maybe to Panda, Vipre too).
I think comodo missed the file as you were using the firewall and you have opened the usb drive the file sandboxed. When you run anything through sandboxie, the process actually doesn't come into the process list, and as the sandboxie process is already allowed in Comodo you will not get any prompt.
P.S.: If autorun.inf is not present in your pen drive then No-Autorun and Antirun won't give any prompt.
Every day brings a chance for you to draw in a breath, kick off your shoes, and dance.
-
Rookie
I used panda usb vaccine and bitdefender usb immunisation.
I actually happened to run it without sandboxie. (By accident) No prompt from avast behaviour shield (set it to ask), defense + nor winpatrol. The file is only about 7KB big.
-
Supernova
Originally Posted by LunarWolf:
I used panda usb vaccine and bitdefender usb immunisation.
I actually happened to run it without sandboxie. (By accident) No prompt from avast behaviour shield (set it to ask), defense + nor winpatrol. The file is only about 7KB big.

Hmm, then maybe autorun.inf was absent. I am sure that your system wasn't infected.
-
Administrator
Send the file to sujay and he has a "private tool" that can automatically send the sample to Avast and other vendors
-
Malware Hunter
Originally Posted by Raymond:
Send the file to sujay and he has a "private tool" that can automatically send the sample to Avast and other vendors

Raymond, if it's not too much to ask for, can I have one too? It's my hobby..