huldu

Virus scan failed

I found a small mIRC-based trojan embedded in an executable. A nasty little thing if it ever got installed on the system, in other words. First thing I did was to use this site http://virusscan.jotti.org/ to scan the file to see if it found anything at all. A few of the scanners found the trojan, not Kaspersky's though.

I scanned the file with KIS 6.0 and it found nothing inside the file. Since I knew what this file had inside of it, I installed it on a safe computer. No warnings from KIS at all. I did a full system scan and it found the trojan that came from the executable. The problem is, if this was a *real* scenario this would have been too late already. Why didn't KIS detect the trojan, but detected it once it was installed (when I did a full system scan)?

Personally I don't feel very safe at all, knowing that harmful objects may be installed on the system without my knowledge just because the file passes as safe when it really isn't.

Another problem I'm having when doing a full system scan is the INSANE long time (and eventual lockups) on large archives. It took me 10 minutes to try to shut down KIS when it hung on an archive scan (rebooting the computer isn't a solution to a malfunction in a program). I would like to know what KIS does when it runs into a big archive: does it open the file and then scan? Because 60+ minutes scanning 1 file isn't exactly working as intended in my eyes. Funny thing is that this process totally drains the system of its resources and it becomes very unstable and laggy.

KIS/KAV contains a lot of information about archive unpackers. mIRC should be detected as Riskware (if you enabled extended signatures). Also, you should utilize Exclusions if you do not want those files scanned :)

Right click K >> Settings >> 3rd Checkbox in Malware Categories :)

Edited by Whizard

Because it had not executed yet... that's why... otherwise it would have been detected... well, actually it was... wasn't it? ;)
