PDA

View Full Version : Kaspersky Inspector (KAVI) stealth viruses?

Firefighter
September 6th, 2003, 10:08 AM
Hi everyone! Does anybody know what are so called "stealth viruses", that the "Kaspersky Inspector" module in KAV Personal Pro 4.5 Antivirus has found?

After my second scan with "KAVI" it had found one stealth virus in C:\Windows\Temp folder! Those infections are still clean with usual KAV and RAV scanning and DrWeb online scan.


"The truth is out there, but it hurts!"

Best Regards,
Firefighter!
wizard
September 6th, 2003, 10:14 AM
-{ Quote: " quoting: Firefighter link=board=24;threadid=13411;start=0#msg85673 date=1062857291]
Hi everyone! Does anybody know what are so called "stealth viruses", that the "Kaspersky Inspector" module in KAV Personal Pro 4.5 Antivirus has found? " }-

Stealth viruses refer back to some of the old MS DOS viruses. Today there are no real "stealth viruses" for Windows except of some proof-of -concept ones that never made it ITW.

-{ Quote: "After my second scan with "KAVI" it had found one stealth virus in C:\Windows\Temp folder! Those infections are still clean with usual KAV and RAV scanning and DrWeb online scan." }-

Looks like a false positive to me. Best if you just empty your temp folder. If you have any doubts left you could also submit the suspicious files to Kaspersky Labs for analysis. :)

wizard
Firefighter
September 6th, 2003, 10:19 AM
To Wizard from Firefighter!

Thanks a lot! I'll send that file to Kaspersky Lab to make sure about that.

Best Regards,
Firefighter!
Firefighter
September 7th, 2003, 05:59 AM
To everyone from Firefighter!

My last question about that KAVI module in KAV Personal Pro 4.5!

Is that total hype in WinXP environment or does it have some special use and then what?

Best Regards,
Firefighter!
wizard
September 7th, 2003, 08:27 AM
-{ Quote: " quoting: Firefighter link=board=24;threadid=13411;start=0#msg85884 date=1062928756]
Is that total hype in WinXP environment or does it have some special use and then what?" }-

For the moment 'stealth viruses' are no threat. They have been a serious threat in the past (good old MS DOS days) but under Windows this has been so far no real threat. So this KAVI feature should not be overestimated. :)

'Stealth viruses' might become a threat again in the future again but who knows.

wizard
xor
September 7th, 2003, 08:40 AM
A stealth virus removes his code byself from infected files if he runs active in the memory.

Imagine this:

+-------------------+
| INFECTED FILE | ---> Loads Virus Code into memory ---> removes virus code from file
+-------------------+

This means if you start a filescan, you will not detect this virus in the file 'coz he relays in the memory and is in this time not present in the file ;D