Norton keeps identifying and removing what it identifies as a W32.Changeup!gen10 virus.
Norton says it removes it every time, but the fact that it keeps removing the same type of W32.Changeup!gen10 virus is concerning. It is also listed as a risk that Very Few Users have (Fewer than 10 users in the Norton Community have used this file).
Should I be concerned? Is the risk truly removed?
The executalbes removed today are:
piiunx.exe
piiun.exe
yauwoo.exe
Below is the info regarding the risk copied from Norton File Insight for two of the events.
Thank You
g:\piiun.exe
____________________________
On computer as of
2/24/2011 at 10:44:22 AM
Last Used:
2/24/2011 at 10:47:00 AM
Startup Item: No
Launched: No
____________________________
Very Few Users
Fewer than 10 users in the Norton Community have used this file.
____________________________
High
This file risk is high.
____________________________
Threat Details
Detection of a threat based on malware heuristics.
____________________________
Origin
Downloaded from Not Available
____________________________
URL Not Available
UNTESTED
Source
piiun.exe
____________________________
File Actions
File: g:\piiun.exe
Removed
File: g:\piiunx.exe
Removed
____________________________
Registry Actions
Run on drive access via Autorun.inf: HKEY_USERS\S-1-5-21-2385295251-1419814742-1763241557-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d26cfcec-3f7b-11e0-91f0-001fc62a32eb}
Removed
____________________________
File Thumbprint:
Not Available
____________________________
g:\yauwoo.exe
____________________________
____________________________
On computer as of
2/24/2011 at 8:53:17 AM
Last Used:
2/24/2011 at 8:55:55 AM
Startup Item: No
Launched: No
____________________________
____________________________
Very Few Users
Fewer than 10 users in the Norton Community have used this file.
____________________________
High
This file risk is high.
____________________________
Threat Details
Detection of a threat based on malware heuristics.
____________________________
Origin
Downloaded from Not Available
____________________________
URL Not Available
UNTESTED
Source
yauwoo.exe
____________________________
File Actions
File: g:\yauwoo.exe
Removed
Run on drive access via Autorun.inf: g:\autorun.inf
No Action Required
File: g:\yauwoox.exe
Removed
____________________________
Registry Actions
Run on drive access via Autorun.inf: HKEY_USERS\S-1-5-21-2385295251-1419814742-1763241557-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d26cfcc5-3f7b-11e0-91f0-001fc62a32eb}
Removed
____________________________
File Thumbprint:
Not Available
____________________________