Jump to content

merlino

Members
  • Content Count

    38
  • Joined

  • Last visited

About merlino

  • Rank
    Candidate
  1. This might sound funny, but we're at a stage where you need to protect your AV software. SecurityFocus has published an article on the research done Sergio Alvarez and Thierry Zoller (for N.runs), which concludes that while AV software is protecting clients against malware (running at userspace), the AV software (typically running at kernel level) is itself vulnerable to exploitation. Best part: "N.runs plans to release a product to protect against antivirus parsing vulnerabilities, and the contact information at the end of the presentation includes the e-mail address of the company's director of software sales." .. don't get lost into the argument that these guys are marketing their software through research - that's only appropriate - the problem is real and there's little FUD involved. There's a huge difference between security software and secure software. The question then is .. will we need protection for the software that protects your AntiVirus? Echoing this post
  2. Guys, I was wondering whether incoming RSS feeds are scanned for malicious embedded Javascript/ActiveX code by Kaspersky 6.0. Basically from my limited understanding of the mechanics of kaspersky, kaspersky 6.0 proactive defense should already cater for this requirement, however it is debatable whether or not it can be actually called pro-active. The reason is that for code to be detected as suspicious, kaspersky must learn of them in turn making it respond reactively. So depends from which angle this is seen i reckon... Therefore, until atom 1.0 develops its w3c standard for encrypted rss feeds, and until browsers/readers begin to parse 'acceptable' RSS tags and content, i guess we probably will be banking on Kaspersky for detection of 'suspicious' code I have written an article about this on my blog found here and any comments / suggestions are more than welcome!
  3. It appears after each incoming SMS. Also, i don't have any other antispam software on the mobile and Bluetooth is more often than not off. To try and resolve the problem i tried to uninstall KAV and restart my mobile however problem still remained. in anycase this morning, i reformatted my mobile to its default settings and everything seems to back to normal. I'm not sure if its a KAV consequence but if someone else has experienced this perhaps we can come to some conclusion why this message was popping up at me.
  4. Well this occured when an SMS message came in. When an SMS came in, Kaspersky opened it and showed it to me, however the phone still showed me one unread message -- the same one ie. Also, subsequent messages that came in seconds later where not picked up by kaspersky. Point to notice the white list and black list of senders was currently empty until with every new message that came in i added them to the white list.
  5. Guys -- a small problem -- on the site quoted above there are three files. Once downloaded, i put them in a folder \other files\kav on the phones memory. Going into the update options i do not have "local update" --- rather "search on phone". Choosing "update av database" scans the files on the phone memory and doesn't find new database. Another thing i noticed is that the default URL for the updates downloads a *.klb file. None of the three files i downloaded is a klb file. Have i missed something ?
  6. Small problem on first using the Beta2 version. I got this message and i'm not sure if its by design or not: App closed Ncnlist My Symbian version is 5.27 on a 6600.
  7. thanks guys --- i will keep your suggestions in mind.
  8. Well guys --- very well done for this AV product. Loaded it on my Nokia 6600 and i must admit i am impressed with the programs performance. I would like to see a progress update bar when updating identities furthermore, make the identities file should be made downloadable and available as a file to be transferred from PC to mobile via PC suite. This would be a nice feature to avoid the transfer by GPRS. having worked and met you guys of kaspersky i am sure the final product with be great and i am also sure that your product will be a number one needed product in this market. being a security analyst myself i can say that there aregrowing trends for mobile viruses i'm afraid and the things product has a future. I look forward to the next version. Well done guys!
  9. I have a client that really can't understand what or how to install the key file she bought. Therefore does anyone know of a script or EXE to simply doubleclick and install the key file into her personal KAV 5.0? Or else a step by step installation with screenshots might help ! Any help is apreciated ! D.
  10. Hi defekt, Thanks for opting to try and explain the problem. Attached is syslog of the problem. I am still waiting on KAV for a possible explaination and how to rectify the problem. sysinfo.txt
  11. We are currently having a problem with Kaspersky on a primary domain controller. On 1/1/2006 the following error occurred: Failed to distribute ss Code=1192 Subcode=0 Message='Data is corrupted or has an unknown format' File='O:\CS AdminKit\Development\par\parbinser.cpp' Line=288 Type='|ss_type="SS_PRODINFO"; ' Host='9dc30d70-d9c3-41de-8950-3919915fed95' From that date, this error continued to be reported approximately every 15 minutes till now. This error is causing the anti-virus to run unsuccessfully. Even though the Kaspersky services were still running on the server we couldn’t manage to start and/or stop any anti-virus tasks. Only after restarting the Kaspersky services on the mentioned server we managed to control the anti-virus tasks. Any insight to this problem is greatly apreciated.
  12. Problem resolved. I am posting what was done to remove it. It was apparently some adware on the stations in "C:\Program Files\NewDotNet\NEWDOT~2.DLL" registered as a network service. KAV blocks it, but it could not delete it without the users intervention. 1) The file was added to the trusted list 2) then deleted from safe mode, restarted again 3) ran a KAV utility for full removal Thanks you KAV Technical Support
  13. Still no resolution to this problem after i ran the utility. The problem is becoming quite urgent.
  14. Thanks conslider for your help. Indeed I will see what effect this will have on the affected machines. Will post results.
  15. Attached to this message are the netstat results. Notice the different results obtained with the realtime protection disabled and enabled! Attached are the ping results when it is enabled. What is strange is that the IP in parenthesis seems to be corrupted. Any insight on this problem will greatly help. netstat.txt ping.txt
×
×
  • Create New...

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.