KIS 2012 missed a threat

Status
Not open for further replies.
V

varunit

Level 1
Thread author
Sep 16, 2011
37
3
27
35
India
Hello friends, I am wondering that the websites like

Code: 
hxxp://malc0de.com/database/

and
Code: 
hxxp://www.malwaredomainlist.com/mdl.php
contain really malware samples?

I used to download some exe's from their sites and test/play with my AV :D

I use KIS 2012 and just came around a typical sample..

The jotti scan with that sample confirmed it as a malware even by KIS, but it isn't detected in my system and KIS says its a clean file... :huh:

Jotto scan results



Edited: Earth
 
Process name: VNC-Server
Application using this process: RealVNC Ltd
Process author: RealVNC Ltd

The file winvnc.exe is a component of the Virtual Network Computing or VNC application protocol from RealVNC Ltd. RealVNC which is mainly an application for the client and server sides' network provides a control protocol that allows a user to gain via remote access another computer's desktop.
Click to expand...

ThreatExpert Statistics

Please note: This file is not always a threat.
 
VNC (ultra VNC and other VNC ) are remote control apps that MAY be used in bad ways...but they are not malwares themselves.
 
umbrapolaris said:
VNC (ultra VNC and other VNC ) are remote control apps that MAY be used in bad ways...but they are not malwares themselves.
Click to expand...

Kinda what i was trying to say, but it's all about the wording... ;)
 
It depends cause if the application was performing a suspicious behavior like the malicious one then a pop up will come.
 
jamescv7 said:
It depends cause if the application was performing a suspicious behavior like the malicious one then a pop up will come.
Click to expand...

That is why i put
Please note: This file is not always a threat.
Click to expand...

umbrapolaris is quite correct, the file itself is not malicious, it is how it is used that can be!
 
VNC was used in my school but i managed to get the password (i challenged my teacher that i could have his password) so it becomes a malware in my hand since i can access any computers in the network and do everything i wanted.

VNC was modified to be able to run in a invisible mode (no tray icon,etc...) but i forgot the name, it was a well-known trojan alongside subseven.
 
Status
Not open for further replies.

You may also like...