Detection question

I noticed today that I had a technician scan using the Eset Rescue CD, and he went out and got updates etc.. Scanned the machine twice, and it didn't find anything.. Booted up into Windows, and then made sure it was up to date, and did another scan that returned clean...

I then took over, and installed PrevX 3.0 did a scan, and PrevX picked up 2 Trojan Downloaders, and Eset Amon resident also detected these... I found it odd that the only way ESET could detect it was after PrevX 3.0 hit the files doing a scan, but when Eset did a scan over the same files the Amon module didn't kick in, and protect..

I am refering to Amon but I am using 4.0.. I am used to having AMON,DMon,EMon, and etc so I reference the function of a task based on that terminology still..

 

Thats odd indeed. Maybe PrevX but them there? (nah, joking )

Did you use the 'in-depth' scan (to make sure it scans in archives)? I dont know where the files in question were found.
Thats the only reason I can think of.

 

Yes it was in depth.. The files were tmp files in the C:\windows\temp folder..

 

Hello,

Were both scans done with identically-configured (or as close to possible as identical) settings?

Regards,

Aryeh Goretsky

 

Couldn't it be that the temp files were created by Prevx when scanning files inside an archive?

 

Prevx doesn't extract any files to disk when scanning. The only time it would touch the %windir%\temp\ folder would possibly be during cleanup.

Let me know if you need any further details

 

You won't get any sense out of Eset.

The mods attack people who criticise Eset.