thirteentwentyThis seems to be a continuation of this thread and one other that I started but didn't gain the same momentum...
I use the following snippet to test real time scanning
save as a txt or com file.
mmartinWe have machines been hit with this Fake AV program virus and KES does not detect it at all - not even if you run a full scan. really worrying.
The original post was back in 2010 and I can say, being 2012 now, we have the same problem.
We have had a client get infected with a virus, even though they had KAM and KES installed on their machine. They want to know how this could have happened. So we got a copy of the executable and copied it to my desktop.When I extracted the zip file, the trojan virus was sitting on my desktop as a .exe file, yet AVG didn't find it. I checked and AVG Resident Shield is enabled - both in KES as well as AVG on my computer (screenshot attached)
The thing is, if I right mouse click the file and choose "Scan with AVG", it does get detected as a Trojan.
So it tells me definitions are working properly and knows it's a Trojan. However, my concern is, why is REAL TIME SCAN NOT detecting it in the zip file or as a single .exe sitting on my desktop and removing it automatically before the user tries to execute it?
We too have been having way too many virus infections even with kes and kam installed.