KavDos results

[ms]

W2K, Safe Mode

Yesterday, before Art's revised version, I ran KavDos in Safe Mode.

C:\ scanned clean.

Another partition on the same drive D:\, it scanned many files, then I
noticed the last file it scanned at bottom of screen- it sat there, 5
minutes later, nothing happening. The scan was not complete, just stopped.

I didn't have a screen freeze, but the KavDos screen would not close,
finally had to reboot.

Advice?

Also, it had identified a simple executable DialupPass by Nir Sofer, as
infected. I will email the author, but I feel this is an error, he is a
very reliable software author.


Mike Sa

 

[Art]

W2K, Safe Mode

Yesterday, before Art's revised version, I ran KavDos in Safe Mode.

C:\ scanned clean.

Another partition on the same drive D:\, it scanned many files, then I
noticed the last file it scanned at bottom of screen- it sat there, 5
minutes later, nothing happening. The scan was not complete, just stopped.

I didn't have a screen freeze, but the KavDos screen would not close,
finally had to reboot.

Advice?

Also, it had identified a simple executable DialupPass by Nir Sofer, as
infected. I will email the author, but I feel this is an error, he is a
very reliable software author.

You're welcome to send me (preferably zipped) a copy of the file
KAVDOS32 stalled on, and I'll look into it.

With regard to the freeware proggy DialupPass, I just downloaded
it and KAVDOS32 alerts as: not-a-virusSWTool.Win32.Dialupass.f
Note the "not-a-virus" prefix. In this case, it means that this
particular software can be used for nefarious purposes. Some av
products alert on various kinds of commercial software
(controverialware) such as port scanners and keyloggers. In this
case I guess the proggy can be used to log passwords or something
of the kind, and someone could use the program for "bad"
purposes in the judgement of the virus analysts. So don't be
concerned with the alert if you know the proggy is ok for your
purposes.

Art
http://home.epix.net/~artnpeg

 

[* * Chas]

You're welcome to send me (preferably zipped) a copy of the file
KAVDOS32 stalled on, and I'll look into it.

With regard to the freeware proggy DialupPass, I just downloaded
it and KAVDOS32 alerts as: not-a-virusSWTool.Win32.Dialupass.f
Note the "not-a-virus" prefix. In this case, it means that this
particular software can be used for nefarious purposes. Some av
products alert on various kinds of commercial software
(controverialware) such as port scanners and keyloggers. In this
case I guess the proggy can be used to log passwords or something
of the kind, and someone could use the program for "bad"
purposes in the judgement of the virus analysts. So don't be
concerned with the alert if you know the proggy is ok for your
purposes.

Thanks for the work on KAVDOS32. It's a little faster than the old
AVPDOS32 which looks to be a dead player at this point. I bought
AVPDOS32 a number of years ago and still had it on several older systems
as a backup.

I also ran into several problems with KAVDOS32. I tried running it on a
Win98SE system (1g Athlon with 384MB of memory) in both a DOS window and
from the Command Prompt at bootup. It worked fine until it hit the
Mozilla Thunderbird folder. I 'd imported a bunch of OE Emails into
Thunderbird and KAVDOS32 slowed to a crawl when scanning those
messages - hours!

I uninstalled Thunderbird as I don't care for the user interface and
KAVDOS32 is a little better.

The other thing, KAVDOS32 reported adware in a file in my NOD32 Cache:

File C:\PROGRA~1\ESET\CACHE\FND0.NFI Infected by virus:
not-a-virus:AdWare.Win32.WinAd.bg

NOD32 question: does NOD32 store some malware in the Cache Folder? It
doesn't show up in the control console Quarantine window.

 

[Art]

Thanks for the work on KAVDOS32.

You're welcome.

It's a little faster than the old AVPDOS32

I did a lot of cut and try work to get maximum scanning speeds in DOS.
My K-BOOT boot disk is a reflection of that work.

which looks to be a dead player at this point. I bought
AVPDOS32 a number of years ago and still had it on several older systems
as a backup.

AVODOS32 was a "dead horse" long before the Swiss site quit selling
Kaspersky products. It failed to detect some malware that KAVDOS32
does detect. It was a crime that they kept on selling a crippled
product for so long.

I also ran into several problems with KAVDOS32. I tried running it on a
Win98SE system (1g Athlon with 384MB of memory) in both a DOS window and
from the Command Prompt at bootup. It worked fine until it hit the
Mozilla Thunderbird folder. I 'd imported a bunch of OE Emails into
Thunderbird and KAVDOS32 slowed to a crawl when scanning those
messages - hours!

Scanning T-bird and Moz email folders with email scanning enabled is a
big waste of time in any event. No scanner can clean/delete the email
archives or portions of them. Simply delete, or tell people to delete
all unsolicted email attackments. If they don't, they're harmless in
the email archives anyway since T-Bird and Moz won't let you Run
them. A user would have to Save the attackment to a folder and
Run it from there (like a idiot ) But non-idiots can Save them and
scan them in the test folder after waiting awhile to avoid the day 0
problem.

I uninstalled Thunderbird as I don't care for the user interface and
KAVDOS32 is a little better.

Personally, I like and use T-bird.

<skip NOD32 question since I don't use it>

Art
http://home.epix.net/~artnpeg