Morisato 8 Posted August 29, 2016 Share Posted August 29, 2016 (edited) Under which selection (File open or File creation) would initiating a autoplay disc which initiates a autorun.inf that makes a new folder with a Trojan under appdata/local fall under as detectable? I only had File execution selected but it failed to detect the Trojan and was only stopped further by eset's interactive mode firewall from connecting online. So it has to be either File open or File creation. Edited August 30, 2016 by Morisato Link to comment Share on other sites More sharing options...
Administrators Marcos 5,273 Posted August 29, 2016 Administrators Share Posted August 29, 2016 Since it's probably a new variant of malware, submit it to ESET as per the instructions at hxxp://support.eset.com/kb141/so that detection is added and the malware is recognized by ESET's scanners. Link to comment Share on other sites More sharing options...
Morisato 8 Posted August 30, 2016 Author Share Posted August 30, 2016 (edited) Since it's probably a new variant of malware, submit it to ESET as per the instructions at hxxp://support.eset.com/kb141/so that detection is added and the malware is recognized by ESET's scanners. Hey Marcos, thanks for the response. The reason I bring it up is because it's detected when I do a manual scan or scan/clean on the folder itself. It didn't detect though when I initiated the autoplay of the mounted image in which case it placed the Trojan files in a appdata/local folder. I already submitted and got a response of what it can do more or less. My question is what would prevent this from happening in the first place, File open or File creation? I always have File execution selected but it didn't detect it when the files were placed where I mentioned above. What I'm looking for is what would make eset scan once I double click on autplay/autorun. Edited August 30, 2016 by Morisato Link to comment Share on other sites More sharing options...
Recommended Posts