[Threat Detected]

Discussion in 'Computer Games and General Discussion' started by [M]artin, May 17, 2009.

May 17, 2009

[Threat Detected] by [M]artin at 9:09 PM (1,118 Views / 0 Likes) 11 replies

  1. [M]artin
    OP

    Member [M]artin .

    Joined:
    Nov 7, 2006
    Messages:
    3,658
    Country:
    United States
    A few days ago, a friend of mine plugged in her flash drive into my desktop. ESET instantly popped up with the message below:

    [​IMG]

    She's accessed her flash drive through my desktop on a number of occasions and ESET never gave us any problems. I choose "Delete" and ESET hasn't been giving us any problems since then. However, I'm still curious as to what it was on that flash drive that caused this, and should I be concerned?
     
  2. da_head

    Member da_head A dying dream..

    Joined:
    Apr 7, 2008
    Messages:
    2,953
    Location:
    Toronto, Canader!
    Country:
    Canada
    well if it detected it, then there should be no worries amirite?

    but wth is eset? never heard of it.
     
  3. Lee79

    Member Lee79 Hyper...Active...Team Fortress 2 Addict

    Joined:
    Jul 29, 2007
    Messages:
    920
    Location:
    ctf_2fort
    Country:
    United Kingdom
    Autorun.inf (An INF file or Setup Information file is a plain text file used by Microsoft Windows for installation of software and drivers.) is a autorun file so when you plug it in it will auto run some software and try and install it on your PC could be legit or could be a virus so NOD32 flag it to protect your computer.
     
  4. [M]artin
    OP

    Member [M]artin .

    Joined:
    Nov 7, 2006
    Messages:
    3,658
    Country:
    United States
    Thanks. I flagged it. I have a flash drive similar to the one she used and it never contained any embedded Autorun software or anything like that IIRC, most likely not safe.
     
  5. Salamantis

    Member Salamantis GBAtemp Advanced Maniac

    Joined:
    Feb 20, 2007
    Messages:
    1,945
    Country:
    Canada
    ESET is the company that makes Smart Security and NOD32.

    EDIT: Martin beat me by a few seconds, damn [​IMG]
     
  6. Lee79

    Member Lee79 Hyper...Active...Team Fortress 2 Addict

    Joined:
    Jul 29, 2007
    Messages:
    920
    Location:
    ctf_2fort
    Country:
    United Kingdom
    If you have a copy of the file "Autorun.inf" you can open it with Notepad and it should tell you the files it is trying to install.

    For example this Autorun.inf file on my PC's HDD (i did a search for "*.inf" files the * is used as a wildcard, any name) looks like this when I open it with notepad

    Code:
    [autorun]
    icon=App.ico
    open=CodecInstaller.exe
    Which means it auto runs the CodecInstaller.exe when it is executed
     
  7. FlatFrogger

    Member FlatFrogger GBAtemp Regular

    Joined:
    Apr 20, 2007
    Messages:
    291
    Country:
    United Kingdom

    This.

    Its worth finding out of if its a real threat or its a false detect, if its the latter submit it for analysis.
     
  8. Law

    Member Law rip ninjacat that zarcon made me

    Joined:
    Aug 14, 2007
    Messages:
    4,132
    Location:
    ‭jerkland
    Country:
    United Kingdom
    I remember something similar that was happening on the college PCs, whenever you would put a flashdrive in it would copy an autorun.inf file and a folder onto it, and then when you placed the flashdrive into another computer it would copy the autorun.inf and the folder somewhere onto the hard drive. Cycle repeats, thousands of computers infected. I think it was rather harmless, though.

    Find out where else your friend has been using their flashdrive, those computers might still be infected. I remember my AVG was bitching at me for a while about it, literally everytime I got home from college and used my flashdrive in my laptop. Stopped using my flashdrive at college, never happened again.
     
  9. zeromac

    Member zeromac Finally reached 1000 posts EXACTLY

    Joined:
    Mar 7, 2009
    Messages:
    2,194
    Location:
    Earth
    Country:
    Australia
    wait.. im not trying to freak you out our anything but wasn't that the april 1st supposed virus? it could spread by flash drive and when u plug in a flash drive into ur comp there would mysterysly be another folder that would instantly open
     
  10. Hopawarty

    Banned Hopawarty Banned

    Joined:
    Apr 28, 2009
    Messages:
    111
    Location:
    Oz
    Country:
    Australia
    Formatting time [​IMG]
     
  11. moodswinger

    Member moodswinger GBAtemp Regular

    Joined:
    Sep 6, 2008
    Messages:
    237
    Country:
    Philippines
    @ zeromac, I think we need 1 more evidence to confirm that, did the icon of the flash drive turned into a "folder" icon? Cause if it did, it probably is the Conficker worm.
     
  12. xcalibur

    Member xcalibur Gbatemp's Chocolate Bear

    Joined:
    Jun 2, 2007
    Messages:
    3,166
    Location:
    Sacred Heart
    Country:
    United Kingdom
    Yeah I had that same one only it disallowed access to task manager and folder options and it duplicated each folder by creating a shortcut to itself inside the folder.
    If it has "new folder.ink" at the root, its probably this.
     

Share This Page