ISRCopyRSS.exe & KIS 7 Tojan.Cryptor warning

TonyW · May 24, 2007

During a Copy/Update procedure this afternoon, KIS' Proactive Defense gave me a warning as follows:

24/05/2007 4:06:16 PM C:\$ISR\0\ISRCopyRSS.exe Process is trying to encrypt personal data. This behaviour is typical of Trojan programs.

I allowed, and it happened 6 more times till it stopped. The modifications were being made to Firefox's Profiles folder as I had installed a dictionary. Files were being removed or added.

This is the first time I have seen this. Has anyone else come across this?

TonyW · May 24, 2007

TonyW said:

The modifications were being made to Firefox's Profiles folder as I had installed a dictionary. Files were being removed or added.
Click to expand...

Actually, looking at the timestamps, it's more like files being added to or removed from the cache.

Peter2150 · May 24, 2007

TonyW said:

During a Copy/Update procedure this afternoon, KIS' Proactive Defense gave me a warning as follows:

24/05/2007 4:06:16 PM C:\$ISR\0\ISRCopyRSS.exe Process is trying to encrypt personal data. This behaviour is typical of Trojan programs.

I allowed, and it happened 6 more times till it stopped. The modifications were being made to Firefox's Profiles folder as I had installed a dictionary. Files were being removed or added.

This is the first time I have seen this. Has anyone else come across this?
Click to expand...

I haven't I guess, because I always disable Kav/kis before doing a copy. No point in scanning files during that copy. Just slows you down.

TonyW · May 24, 2007

I'll disable in future. I have done that before, but didn't today.

Log in or Sign up

ISRCopyRSS.exe & KIS 7 Tojan.Cryptor warning

TonyW Registered Member

TonyW Registered Member

Peter2150 Global Moderator

TonyW Registered Member

Log in or Sign up

ISRCopyRSS.exe & KIS 7 Tojan.Cryptor warning

TonyW Registered Member

TonyW Registered Member

Peter2150 Global Moderator

TonyW Registered Member

Useful Searches