flat assembler
Message board for the users of flat assembler.

Index > Heap > Avira antivir is sucks.


Who sucks?
Antivirus
0%
 0%  [ 0 ]
Programmers of antivirus
0%
 0%  [ 0 ]
Together
100%
 100%  [ 5 ]
Total Votes : 5

Author
Thread Post new topic Reply to topic
lamar



Joined: 05 Jun 2009
Posts: 16
lamar
That antivirus is total shit.

Avira often detects my normal files written in assembly language or visual c ++ 6.0.

That is Worm/Zhelatin.Gen,excellent!
Code:
int New_WinMain(int hWnd)
{
 int hFile=INVALID_HANDLE_VALUE;
 int Bytes=0;
 hFile=CreateFile("test.txt",GENERIC_READ | GENERIC_WRITE,0,NULL,CREATE_NEW,FILE_ATTRIBUTE_NORMAL,0);
 if (hFile!=INVALID_HANDLE_VALUE) {
  WriteFile(hFile,data,sizeof data,&Bytes,NULL);
  CloseHandle(hFile);
  MessageBox(HWND_DESKTOP,"unsigned char data written to test.txt","Information",MB_OK | MB_ICONINFORMATION);
 } else {MessageBox(HWND_DESKTOP,"File writting error!","Error",MB_OK | MB_ICONERROR);}

 return 0;
}    

Where data = unsigned char data[69120] = {} (that is notepad.exe).

Sources(I compile that with Microsoft Visual C++ 6.0)
http://www.sendspace.com/file/d8twni

I wrote a simple procedure with high precision repetitive heuristic of the avira.
Code:
//Copyright Avira GmbH (c) 2009!!!
procedure SuperHeur;
const VirusNames : array[0..2] of string = ('Worm/Zhelatin.Gen','TR/CRYPT.ZPACK.GEN','TR/CRYPT.GEN');
begin
 if Random(3)<=1 then MessageBox(0,PChar('Virus found in file: "i_am_clear.exe"'+#13#10#13#10+VirusNames[Random(3)]),'Oh shit!',MB_OK or MB_ICONWARNING);
end;
    


The most interesting here, who are sucks? Programmers or the antivirus or all together.
That time to stop using that av Wink


Last edited by lamar on 03 Jul 2009, 00:07; edited 1 time in total
Post 02 Jul 2009, 23:39
View user's profile Send private message Reply with quote
windwakr



Joined: 30 Jun 2004
Posts: 827
Location: Michigan, USA
windwakr
Try turning heuristics down or off and see if that helps.

If you don't know how to change heuristic options:
Extras->Configuration, press "expert mode", Open Scanner->Scan->Heuristic
Post 02 Jul 2009, 23:57
View user's profile Send private message Reply with quote
lamar



Joined: 05 Jun 2009
Posts: 16
lamar
Tray icon->Configure AntiVir.

1)
Scanner->Scan->Heuristic
I disable "AHeAD".
2)
General->extended thread categories
I uncheck "Unusual runtime compression".

Again detection and on virustotal same that.

added(1):
Packing compiled files using UPX 3.03w provides the following effect: "TR/Crypt.XPACK.Gen".
Post 03 Jul 2009, 00:05
View user's profile Send private message Reply with quote
windwakr



Joined: 30 Jun 2004
Posts: 827
Location: Michigan, USA
windwakr
Well, then get a new antivirus and stop complaining.
Post 03 Jul 2009, 00:40
View user's profile Send private message Reply with quote
asmcoder



Joined: 02 Jun 2008
Posts: 784
asmcoder
[content deleted]


Last edited by asmcoder on 14 Aug 2009, 14:49; edited 1 time in total
Post 03 Jul 2009, 06:02
View user's profile Send private message Reply with quote
sinsi



Joined: 10 Aug 2007
Posts: 693
Location: Adelaide
sinsi
The best anti-virus is your brain - hang on, I've said that before.
I haven't used any security for over 2 years now, number of infections = 0. This is with xp home and win7 beta, and the 'horrible' ie6/7/8.

Every computer I clean up already has anti-virus on it (some people actually pay for it!) but the user lets it in anyway Laughing
Quote:
antivirus = waste of memory and cpu.

and money (even if it's free you still pay for downloading 70 meg).
Post 03 Jul 2009, 06:21
View user's profile Send private message Reply with quote
Borsuc



Joined: 29 Dec 2005
Posts: 2466
Location: Bucharest, Romania
Borsuc
sinsi wrote:
and money (even if it's free you still pay for downloading 70 meg).
depends on service. I pay a fixed (small) amount per month and have 1MB/s (bytes) connection Smile

_________________
Previously known as The_Grey_Beast
Post 03 Jul 2009, 12:46
View user's profile Send private message Reply with quote
windwakr



Joined: 30 Jun 2004
Posts: 827
Location: Michigan, USA
windwakr
Ya, who pays per amount they download? Maybe back in the 90's or something, but seriously what ISP charges per amount used nowadays?


I have a download cap per month, but its not that bad and its not like I'd ever reach it.
The cap is 250GB. My speeds are pretty good too, Over my crappy wireless adapter on this computer I can reach about 1MB/s, on my computer hooked to my router I can get up to 2MB/s.
Post 03 Jul 2009, 15:02
View user's profile Send private message Reply with quote
Vasilev Vjacheslav



Joined: 11 Aug 2004
Posts: 392
Vasilev Vjacheslav
Quote:
who pays per amount they download?


peoples from Russia
Post 03 Jul 2009, 16:17
View user's profile Send private message Reply with quote
semiono



Joined: 31 Aug 2007
Posts: 176
Location: section '.code' executable
semiono
All antiviruses is crazy!
But avira normal for use Smile
Now I not use nothing.

Some times i scan from av-websites with 10-15 parallel antiviruses,
and thay all reports 3-4...-8-10 viruses found into clean distributive of fasmw.zip ;-
Post 03 Jul 2009, 22:51
View user's profile Send private message ICQ Number Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Copyright © 1999-2020, Tomasz Grysztar. Also on YouTube, Twitter.

Website powered by rwasa.