Jump to content


Immunet Insiders
  • Content Count

  • Joined

  • Last visited

  • Days Won


Everything posted by markusg

  1. haha tr.dropper is no malware :d i can send you eenough links with tr.dropper.gen malware samples...
  2. markusg

    Virus Total Project

    hi. i think more vendors as listed at vt getting malware. so this means, immunet is not listed in the scan results, but i think they get malware from vt.
  3. this looks like an detection in system volume. try to de-and reactivate it.
  4. also, no problems. and if there are some, i have an image :-)
  5. but you can set special groups and only this groups are able to download, like at mbam forum.
  6. so immunet used the ask toolbar, should all vendors do not like ask blacklist immunet? i do not think immunit will block iobit.
  7. i think they have learn and are not stealing signatures, this is 1 year ago and i do not think its an good idea to blog this.
  8. have a look at statistiks, firefox is more unsafe as internet explorer. ff has 50 securitiy holes in the last 3 months. opera is more safe as firefox and also ie is more safe i personaly use my browser in sandboxie. for updates you can use file hippo. because its not only important to keep windows and java up to date, also adobe and all other applications. http://www.filehippo.com/updatechecker/ right klick the tray symbol, select, settings, results, hide beta updates.
  9. markusg

    New User

    hi, you can not take the vt results and say, a file is malware or not, i have often malware here and the vt results shows 0/43... @Pete is it posible to attach the file, so we can check it.
  10. you can hide all kind of malware in installern, i saw often, tdss icomes with an keygen, so you have packed the real keygen + tdss dropper :-)
  11. i haven't said its an bad result please do not get me wrong. but i think the largest detection parts make the bitdefender engine, so you need perhaps more own technologies, and i know you are developing. it was only 1 point i want to say
  12. i see 1 problem... bitdefender single 99,3 imunet 99.4 this shows imunit it self has to do some work. but conrats, 99.4 is truly a good resoult at all.
  13. ok, you say, large vendors spend time in crawling this sites because of reviews and want to sale. but i think you also want to sale your produkt, so i think you must also watch some public websites, you can create automatic tools and they can download the stuff for you, or perhaps you can also get in contakt with site owners and they send you the stuff. its ok for me to say, you want not to spend to much time in such lists at this moment, but when you can get this malware so easy you have to take it i think. i also think vendors sharing samples to, perhaps get in contakt with other vendors perhaps this is usefull. i also think you need perhaps honeypots and so on, all what helps to detect malware before an user is infected. and you need good heuristics, this is true :-)
  14. ok but the other results are looking good
  15. hmm perhaps you are using an older engine version, or have an other configuration for the engine...
  16. immunit is now tested by mrg http://malwareresearchgroup.com/category/malwareproducttesting this is an interesting test, they test asome malwares against antimalware software. the first result looks good.
  17. for me this looks like "follow symbolic links", sorry perhaps i'm wrong. but avira for exsample has an option to follow or not to follow symbolic links, why not add such an option?
  18. win7 x64 limited user account, uac (max) dep for all processes, sehop, and sandboxie. no av. and a must have for all, backups backups and again backups.
  19. checking for new content i think.
  20. can you send us the virus total analyse link? immunet can use the md5 checksumm and download from virus total.
  21. if you are not able to upoad the file, send us the virustotal result, immunet can download the file from vt directly.
  22. to give you an answer we need an virus total result. or upload the files please.
  23. but when we say to him "the file is clean, you can use it" we give him the help to use illegal software. why should we do it, only say "such software is illegal and not suported by immunet" is the right way. when users reading your answer, they think, we are suporting illegal stuff and check for such users the keygens and so on... i think not this is immunets strategie
  24. http://forum.immunet.com/index.php?/topic/205-w32dropper/page__pid__1079#entry1079 after reading this thread, i want to say the followng, i think its not good to give users help, he in this thread you can see he want to use it for illegal activitis. when an user want to do so, he must life with the risk of an infection. i also think, when such files are fps, please do not remove it, conzentrate on real threads and false positive. its ok when the users think, o o this keygen what ever is an fp, why should we help to use such illegal stuff?
  • Create New...