#873 More fun experiments with malware part 1

  • Rejected

    , last edited by Jarvis

    Virtual PC:

    VMWare Workstation 15 Player

    Windows 7 x64

    KIS de app + drv verifier enabled

    Reproduction steps:

    I installed quite alot malware, rebooted the virtaul pc.

    I think all the dumps are from when KIS tried to start, i tried to start KIS, after i had rebooted the infected virtual pc.

    Actual result:

    Had to switch to safe mode to delete enough malware to allow KIS to start normaly again,  though the full scan in safe mode missed some malware.

    Expected Result:

    After alot of reboots and scans ,atleast i think so, all malware was deleted.

    System Settings

    Operating system: Win 7, x64

    System: Intel Core i7 4770 @ 3.4GHZ, 12,0GB RAM, NVIDIA Geforce GTX 1060 6GB, Harddisk 1TB

    Product: KIS

    Product Version:

    Language: de-DE

    Product Logs: https://cloud.qainfo.ru/s/6eORDCJaFD9GdOF

  • , last edited by Helios_07


    Thank you for the clarification/explanation!

  • - Self-defense does not block the download of this .dll either in 2019 or in 2020, works as designed, there is no regression in behavior. - The fact of a dump in 2020 is explained by the difference in the internal logic of this dll (in one case there is an error with the dump, in the other case the .dll is nominally unloaded, apparently the error also occurs, but this case is successfully processed and the crash does not occur)
  • As Designed
  • Duplicate

Looks like your connection to Beta Testing was lost, please wait while we try to reconnect.