|
Forum: UltraISO Topic: RootKit started by: tramco Posted by tramco on Feb. 02 2011,19:13
I am using UltraISO Premium 9.36 to write disk image to USB for Symantec Endpoint Recovery Tool 1.0.17I had the USB drive installed while scanning with tdsskiller from Kaspersky Labs to clean a Tidserv virus and it indicated that my USB drive was infected with rootkit.win32.backboot.gen I was able to recreate the situation on multiple USB drives after performing a low level format on all of them. Question is, is it UltraISO or the image from Symantec? Posted by xoben on Feb. 04 2011,21:25
UltraISO will change MBR (Master Boot Record) and Boot Record of the active partition of your USB flash drive for 'Write Disk Image' operation. It is recommanded to contact vendor of your anti-virus program to get more detailed of your issue.
Posted by X3lectric on Feb. 07 2011,13:17
(xoben @ Feb. 05 2011,02:25) QUOTE UltraISO will change MBR (Master Boot Record) and Boot Record of the active partition of your USB flash drive for 'Write Disk Image' operation. It is recommanded to contact vendor of your anti-virus program to get more detailed of your issue. Actually it should be ultraiso contacting antivirus companies informing them of this process in detail so it can be white listed, NOT the user. Passing the buck on real issues to the customer is real excellent business practice... Posted by tramco on Feb. 07 2011,14:16
Thanks to the both of you for replying. No other Anti-Virus program has shown any indication of a problem. I guess my POST was more of a heads up for the programmer/s then any other reason. I will continue to use UltraISO as I have for the last 6+ years. There is no other application that comes close in my book. |