Jump to content
dh27564

Scanning Image Files - Malware Detection

Recommended Posts

I use Macrium Reflect on a regular basis to create an image of my entire internal hard drive.  The image file consists of 1 large file and is stored on an external hard drive.  If a Trojan was nested within the [C] partition of my internal hard drive and an image was made of this hard drive, should Kaspersky discover this Trojan when scanning the image file?

Share this post


Link to post

Macrium uses encryption when creating an image.  I would think there needs to be a built-in decryption tool in KIS.  This is probably a question that can be definitively answered by someone on development team

Share this post


Link to post

The reason I ask is a recent rootkit scan by KIS2018 turned up a HEUR:Trojan Generic nested in some old files I transferred to this machine some time ago (not sure why it wouldn't have appeared earlier as rootkit scans run regularly on this machine).   A subsequent full scan with Kaspersky also found this Trojan.  Rarely do I run a manual scan as I know the real-time protection should do the trick.  The malware has since been eliminated and recent scans by KIS and MBAM show nothing.

Out of curiosity, I ran a full scan of an image file (which would have included the suspect file) with KIS2018 and the scan found no detected threats.  However, mounting the image and running a full scan did identify the file.

I have deleted all the image files that would have contained this malware and subsequent scans of all my drives come up clean.

Your observation sounds as if it may be correct.  Again, just curious.

Thanks!

Share this post


Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.