Ping Dr. Lippman regarding Multi_Av.exe tool

[Wilbur Post]

I found it very useful after getting a JS:Nocheat-2 Blackbox trojan that
attacks Java from some site (Avast caught it and moved it to the chest, but
I thought I would run some alternate programs to be safe).

Several things I noticed:

McAfee removes anything named patch.exe even if it's a legitimate file,

and


Kaspersky adds a KAV stream to every file it scans. I needed to download
Sysinternals Streams program to get rid of them.

I'm not entirely sure of your Kaspersky option, though. I loaded a trial
version of Kasperksy, did a scan which was incredibly slow, and it may have
attached itself to all files on my NTFS drive.

I've since uninstalled Kaspersky - too slow and too much of a memory hog.

 

[David H. Lipman]

From: "Wilbur Post" <[email protected]>

| I found it very useful after getting a JS:Nocheat-2 Blackbox trojan that
| attacks Java from some site (Avast caught it and moved it to the chest, but
| I thought I would run some alternate programs to be safe).
|
| Several things I noticed:
|
| McAfee removes anything named patch.exe even if it's a legitimate file,
|
| and
|
| Kaspersky adds a KAV stream to every file it scans. I needed to download
| Sysinternals Streams program to get rid of them.
|
| I'm not entirely sure of your Kaspersky option, though. I loaded a trial
| version of Kasperksy, did a scan which was incredibly slow, and it may have
| attached itself to all files on my NTFS drive.
|
| I've since uninstalled Kaspersky - too slow and too much of a memory hog.

It's Lipman not Lippman

If there is a PATCH.EXE it's truly legitimate then submit to McAfee as a False positive
declaration. ZIP PATCH.EXE into a password protected ZIP file with the Password being;
infected
Send the ZIP file to; (e-mail address removed)

As for the Kaspersky scanner. I find it interesting that KAVDOS32.EXE, a DOS scanner, added
a "KAV stream" to files scanned.

 

[Buddy b]

It's Lipman not Lippman

As in Lipman Tea? >)

Thanks for all the help you have given us, David.
Regards
Buddy b

 

[Ian Kenefick]

As in Lipman Tea? >)

Lipton make tea - not Lipman

 

[Bill]

As in Lipman Tea? >)

That's Lipton tea.

 

[David H. Lipman]

From: <Buddy (e-mail address removed)>

|
| As in Lipman Tea? >)
|
| Thanks for all the help you have given us, David.
| Regards
| Buddy b

Your welcome !

and

Happy New Year !

 

[Wilbur Post]

As for the Kaspersky scanner. I find it interesting that
KAVDOS32.EXE, a DOS scanner, added a "KAV stream" to files scanned.

I think it's their full blown trial version that did it. I loaded that a
few weeks ago, and my computer hung up during the last part of uninstall
when a message came up about NTFS associations or something like that.

 

[David H. Lipman]

From: "Wilbur Post" <[email protected]>

| ||
| I think it's their full blown trial version that did it. I loaded that a
| few weeks ago, and my computer hung up during the last part of uninstall
| when a message came up about NTFS associations or something like that.

That's correct.