More fun experiments with malware part 1
-
Virtual PC:
VMWare Workstation 15 Player
Windows 7 x64
KIS 20.0.1.780 de app + drv verifier enabled
Reproduction steps:
I installed quite alot malware, rebooted the virtaul pc.
I think all the dumps are from when KIS tried to start, i tried to start KIS, after i had rebooted the infected virtual pc.
Actual result:
Had to switch to safe mode to delete enough malware to allow KIS to start normaly again, though the full scan in safe mode missed some malware.
Expected Result:
After alot of reboots and scans ,atleast i think so, all malware was deleted.
-
- Self-defense does not block the download of this .dll either in 2019 or in 2020, works as designed, there is no regression in behavior.
- The fact of a dump in 2020 is explained by the difference in the internal logic of this dll (in one case there is an error with the dump, in the other case the .dll is nominally unloaded, apparently the error also occurs, but this case is successfully processed and the crash does not occur)
-
- Self-defense does not block the download of this .dll either in 2019 or in 2020, works as designed, there is no regression in behavior.
- The fact of a dump in 2020 is explained by the difference in the internal logic of this dll (in one case there is an error with the dump, in the other case the .dll is nominally unloaded, apparently the error also occurs, but this case is successfully processed and the crash does not occur)
Hello! It looks like you're interested in this conversation, but you don't have an account yet.
Getting fed up of having to scroll through the same posts each visit? When you register for an account, you'll always come back to exactly where you were before, and choose to be notified of new replies (either via email, or push notification). You'll also be able to save bookmarks and upvote posts to show your appreciation to other community members.
With your input, this post could be even better 💗
Register Login© 2026 АО «Лаборатория Касперского»