Jump to content

Scan on category selection for autorun Trojan injection?


Morisato

Recommended Posts

Under which selection (File open or File creation) would initiating a autoplay disc which initiates a autorun.inf that makes a new folder with a Trojan under appdata/local fall under as detectable? I only had File execution selected but it failed to detect the Trojan and was only stopped further by eset's interactive mode firewall from connecting online. So it has to be either File open or File creation.

Edited by Morisato
Link to comment
Share on other sites

Since it's probably a new variant of malware, submit it to ESET as per the instructions at hxxp://support.eset.com/kb141/so that detection is added and the malware is recognized by ESET's scanners.

 

Hey Marcos, thanks for the response. The reason I bring it up is because it's detected when I do a manual scan or scan/clean on the folder itself. It didn't detect though when I initiated the autoplay of the mounted image in which case it placed the Trojan files in a appdata/local folder. I already submitted and got a response of what it can do more or less. My question is what would prevent this from happening in the first place, File open or File creation? I always have File execution selected but it didn't detect it when the files were placed where I mentioned above. What I'm looking for is what would make eset scan once I double click on autplay/autorun.

Edited by Morisato
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...