New
#1
WARNING AV fails to find Viruses etc in .TIB archive
Hi all
I've got an ISOLATED machine which I use sometimes for specific AV testing.
Anyway I decided to "Infect it" deliberately with some spyware and a key stroke trojan and then take an image of the system with Acronis True image.
For example this one amongst others.
JS:FakeAV-W [Trj]
These "Archives" are .TIB files.
I then "uninstalled" the Acronis true image product (so the Archive can't be read via normal progams such as Windows explorer).
Now I then booted up a Clean computer (installed directly from the MS RC 7100 official CD with NO extra applications installed. I then installed only drivers from the Mobo CD and the AV software and copied the .TIB file on to a second partition on the "Clean computer".
Kaspersky, AVAST, etc all failed to detect anything on the .TIB file.
I only tried 3 AV software packages so the problem *might* be fixed in other systems.
This seems to be to be a HUGE flaw in some of these AV programs -- if you are restoring an Image you DEFINITELY want it to be clean.
However unless some of these archiving programs open up their formats to the AV companies this is a real potential risk.
So when choosing AV software make sure that backups / image files in the format of your backup software is also handled by the AC software.
Note I only tried "Free" or Trial editions so the "PRO version" might work.
Cheers
jimbo
Quote