  1. #1
    Senior Member pctek's Avatar
    Join Date
    Feb 2005
    Location
    In the Wild West
    Posts
    21,956

    Virus Checkers - AVs

    Been having a long argument with a very smart friend.
    He is a brilliant programmer and hacker? Cracker? Whatever.

    He said AVs are a waste of time cause:

    A) You can avoid viruses by avoiding dodgy downloads
    B) They are bloated and clunky
    3) They don't find them all

    Now we then fought about the various ones. He downloaded and tested quite a few:

    NOD32
    Kaspersky (which he likes best)
    Avast
    AVG
    and I forget what else......

    My NOD is newer than his so I told him to go ahead and send me his nasty little collection of evil viruses.

    Yep, sure enough NOD32 missed 2. One in particular is a rather nasty thing according to my friend, and is not new at all.

    So I checked it with all my progs I have.
    Nothing saw it.

    What my friend does, whatever he downloads, he takes it apart and rummages through the code first. So he sees any suspect code in them.
    Not exactly practical for the rest of us mere mortals and I said not having an AV for his reasons is like not using condoms cause on the odd occasion one might break.

    But still, he has a point - I wonder how many other nasty little things end up hidden and laughing at us and avoiding detection - and for how long???


    Hmm, going through the onlines now:
    FAIL!!!

    You're clean!
    Kaspersky Anti-Virus has not detected any viruses at this time in the file you submitted.

    Fprot huh. The only one.
    Last edited by pctek; 12-10-2009 at 09:06 PM. Reason: Add pic
    wipe your paws.

  2. #2
    Member
    Join Date
    Dec 2004
    Location
    NZ
    Posts
    43,109

    Re: Virus Checkers - AVs

    Quote Originally Posted by pctek View Post

    A)You can avoid viruses by avoiding dodgy downloads
    Exactly what I've said before. And the less you use P2P programs, the better.

  3. #3
    Senior Member
    Join Date
    Jan 2007
    Posts
    674

    Re: Virus Checkers - AVs

    So did you submit it to ESET?

  4. #4
    Where is Metla these days Chilling_Silence's Avatar
    Join Date
    Dec 2004
    Location
    Auckland
    Posts
    16,322

    Re: Virus Checkers - AVs

    Yeah it's relatively easy, you can even play with existing viruses by simply modifying some of the code that's in them. I remember I found one "How-To" a while back, buggered if I remember how I came across it.

    Anyway long and short of it is, by changing the bytecode in two places in this virus file that was only a few KB, it was completely undetected by all the main AV vendors, and it was something like an 8-9 year old virus.

    Yes, you *can* survive without it if you're an IT tech, but let's face it, the general populace aren't smart enough to know that Bill Gates and AT&T are actually *not* giving away their millions after some 15-odd years now of the same email doing the rounds.

    For the better part of the population, having an A/V vendor that plays "Catch-Up" on a daily basis to protect them from the most common threats of the day is better than none...
    My tech blog with How-To's, product reviews and general ravings!

    My thoughts on routers and reliability

    Before you ask a question, or before you get upset by a response, see here:
    http://www.catb.org/~esr/faqs/smart-...ons.html#intro

    For an ISP that's dedicated to Naked VDSL2 & UFB, flat-rate, at an affordable price, check out www.whiteice.co.nz

  5. #5
    Senior Member pctek's Avatar
    Join Date
    Feb 2005
    Location
    In the Wild West
    Posts
    21,956

    Re: Virus Checkers - AVs

    Quote Originally Posted by Chilling_Silence View Post
    you can even play with existing viruses by simply modifying some of the code that's in them.
    Anyway long and short of it is, by changing the bytecode in two places in this virus file that was only a few KB, it was completely undetected by all the main AV vendors, and it was something like an 8-9 year old virus.
    Which is terrible really.
    How long it takes them...........

    And yes I submitted it.

    But I'm more interested now in what my friend is sending me next, he's written some app he wants me to test out.......related to this?

  6. #6
    Where is Metla these days Chilling_Silence's Avatar
    Join Date
    Dec 2004
    Location
    Auckland
    Posts
    16,322

    Re: Virus Checkers - AVs

    Details?

  7. #7
    Senior Member
    Join Date
    Aug 2007
    Location
    Wellington
    Posts
    2,313

    Re: Virus Checkers - AVs

    Quote Originally Posted by Speedy Gonzales View Post
    Exactly what I've said before. And the less you use P2P programs, the better.
    +1

    When I MUST use P2P, I always use it inside a VM, which I can quickly wipe (by simply shutting down the VM).

    Also, I will run several AV/AS programs against the download after it's finished.
    Last edited by jwil1; 13-10-2009 at 07:59 PM.
    "I would tell you a UDP joke but you might not get it."

  8. #8
    Senior Member Blam's Avatar
    Join Date
    Apr 2008
    Posts
    7,382

    Re: Virus Checkers - AVs

    Quote Originally Posted by jwil1 View Post
    +1

    When I MUST use P2P, I always use it inside a VM, which I can quickly wipe (by simply shutting down the VM).

    Also, I will run several AV/AS programs against the download after it's finished.
    Join a private tracker lol....P2P *can* get you nasties, but running it inside a VM seems overkill to me...


  9. #9
    Senior Member pctek's Avatar
    Join Date
    Feb 2005
    Location
    In the Wild West
    Posts
    21,956

    Re: Virus Checkers - AVs

    Quote Originally Posted by jwil1 View Post

    Also, I will run several AV/AS programs against the download after it's finished.
    His point. They don't always find the nasties. He's been busy proving that to me.

    And the new thing he sent is just something else to prove the uselessness of our defenses he says. I haven't tried it, I suspect NOD etc won't object, scanning the .exe didn't fire off any alarms - but I wonder about HJT. However I'm not too keen to run it as he says it's mostly harmless. Harmless in that it's not a wild virus, it's something he wrote as a test, but he did say there may be a possibility that Windows could panic (and what does THAT mean?? - could be quite fun come to think of it...) and upset things and I should have my Ghost image handy.

    Well I do have an image but it is slightly old now, a few changes since and I can't be stuffed, cause in a few weeks I'll be doing Win7 anyway. Would be an annoyance so I might leave it for now.

    You know - on occasion after thorough cleaning I've had a customer's PC still be a bit unstable or dodgy and thought a fresh install best - I wonder how often that has been because all our checkers have missed something?
    Last edited by pctek; 13-10-2009 at 08:52 PM.

  10. #10
    Apple free and happy KarameaDave's Avatar
    Join Date
    Sep 2009
    Location
    Karamea, YAY!
    Posts
    3,520

    Re: Virus Checkers - AVs

