Is a :KAVICHS attachment considered malware?

Discussion in 'Malware Help (A Specialist Will Reply)' started by aliengreen, Jun 6, 2007.

  1. aliengreen

    aliengreen Private E-2

    HiJack This! notes that new malware try to hide in the ADS area of windows (not sure how exactly) and no anti-malware scanner yet exists for these particular nasties. when i did an ADS scan, a consistent attachment at every file end is :KAVICHS. lately when i transfer files from my hard drive to USB flash drive, a message comes out---"an important attachment could be lost if you continue :KAVICHS"... tried to scan with AVG 7.5 free edition and there i find tremendous numbers of files with the same attachments, but as noted by HJT, they are just passed over.

    searching the web brought nothing on this topic whether it is indeed malware or not. it's worrisome because i have not noticed these files before. I would post a HJT scan, but the ADS scan revealed legit applications i use

    i would greatly appreciate any help on this

    thanks
     
    aliengreen, Jun 6, 2007
    #1
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Not true anymore! Many tools scan for ADS. And not all ADS streams are malware as you will see below too.

    You either use or have used Kaspersky Antivirus or their online scanning tool. They add this stream to all files that have been scanned to keep track of what has and has not been scanned to help reduce scanning time on subsequent scans. They also have a tool you can use to remove the ADS. See the below links:

    http://www.kaspersky.com/faq?chapter=170704919&qid=156636746

    http://www.kaspersky.com/faq?chapter=170709150&qid=170884737


    I'm not sure how you searched but there is a lot of easily found info on this including the above links.
     
    chaslang, Jun 6, 2007
    #2
  3. aliengreen

    aliengreen Private E-2

    a welcome relief...

    i did install kaspersky av, but found the application a bit cumbersome, unlike others in its class. however,i didn't know it would leave its signature all over the place.

    i searched via google using KAVICHS as the key word and interspersing it with "malware?" "spyware?" and the like...should've been more creative i guess

    well, in any case, it made me write to you guys at major geeks, and you sure are a major help...consequently i know now there are ADS scanners available, and would be researching more on this

    thanks chaslang very much, appreciate the head's up and the links
     
    aliengreen, Jun 6, 2007
    #3
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome. Make sure you use Kaspersky's tool to remove their ADS from your files.
     
    chaslang, Jun 7, 2007
    #4

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds