Luigi Auriemma

aluigi.org (ARCHIVE-ONLY FORUM!)
It is currently 19 Jul 2012 11:46

All times are UTC [ DST ]





Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 98 posts ]  Go to page Previous  1, 2, 3, 4  Next
Author Message
 Post subject: Re: Antiviruses hall of shame
PostPosted: 29 Jun 2009 22:12 

Joined: 05 Oct 2007 01:20
Posts: 402
Location: Florida
norton is weird.
i just did a full 9 hour system scan a few days ago with Norton 360 2.0 (which includes backup features, antivirus, firewall, antispyware and all the other features from norton)... and the result of the scan considered my 'luigi folder' safe...
so my scan says all the downloaded stuff from luigi is safe, yet this 'Norton Safe Web' Sethioz posted says the website and the downloads on the website are not safe?
wtf?
so it's safe once it's on my computer, but not when it's on a website.... that doesn't make much sense, Symantec.


Top
 Profile  
 
 
 Post subject: Re: Antiviruses hall of shame
PostPosted: 30 Jun 2009 16:46 

Joined: 24 Sep 2007 02:12
Posts: 1114
Location: http://sethioz.co.uk
well as about the scan, maybe you have a filter for Luigi's tools. if not, then it only proves the point how retarded those companys are.

@Soma
i dont even need firewall, the chances that somebody tries to hack into your pc are very small. im also using wireless, so i have no direct access to my pc.
i only like the "program control". i prefer that to any firewall and AV.
it is annoying sometimes, but its more annoying when some program fucks up your pc. its annoying when trying to play a game, it pops up the thing, but game wont minimize, so sometimes only choice is to press 'reset', but it wont happen much. usually you can blindly click on the popup to allow it or use 'suspend' or alt-ctrl-del to make it minimize.


Top
 Profile  
 
 Post subject: Re: Antiviruses hall of shame
PostPosted: 03 Jul 2009 02:59 

Joined: 05 Oct 2007 01:20
Posts: 402
Location: Florida
no, i dont have a filter for anything.

the game thing though, yeah i know what u mean.... my N360 2.0 was like, last year's model (now they got 3.0 xD)... apparently their newer ones don't really slow down the computer that much at all... i've read that it's one of the fastest AV's ever now...

Symantec also has a new Norton Antivirus 'Gaming Edition' that is supposed to stop everything while u have a game open... it seems cool and i've read reviews that it works well...
http://shop.symantecstore.com/DRHM/serv ... =108125400

seems cool :P


Top
 Profile  
 
 Post subject: Re: Antiviruses hall of shame
PostPosted: 03 Jul 2009 10:32 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
these stupid companies have ever new ideas to steal money from the idiots, and obviously the gaming field is the most proliphic (the first example are the people who spend real money for cheats which is something completely senseless but at the same time seems a big market).

wasn't better to implement a minimalist-mode or idle-mode or pause-mode when a specific application (choosed by the user) is running? zero cost for the user and no additional "product" (blah) for the vendor.


Top
 Profile  
 
 Post subject: Re: Antiviruses hall of shame
PostPosted: 03 Jul 2009 11:29 

Joined: 29 May 2009 05:42
Posts: 4
Image

avast! seems to be hating on a brotha too


Top
 Profile  
 
 Post subject: Re: Antiviruses hall of shame
PostPosted: 08 Aug 2009 01:19 

Joined: 05 Oct 2007 01:20
Posts: 402
Location: Florida
norton firewall against infoboom ^_^
Image

btw luigi, i tried to upload the small pic as an attachment and it says .bmp extension is not allowed, could u allow that for future use please? :)


Top
 Profile  
 
 Post subject: Re: Antiviruses hall of shame
PostPosted: 08 Aug 2009 23:15 

Joined: 05 Aug 2009 20:15
Posts: 9
Lol.
Image


Top
 Profile  
 
 Post subject: Re: Antiviruses hall of shame
PostPosted: 09 Aug 2009 07:38 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
@evan
nobody should use an uncompressed image format like bmp on a forum, so the bmp extension will be never allowed


Top
 Profile  
 
 Post subject: Re: Antiviruses hall of shame
PostPosted: 09 Aug 2009 08:06 

Joined: 24 Sep 2007 02:12
Posts: 1114
Location: http://sethioz.co.uk
Quote:
is supposed to stop everything while u have a game open

why would i want this ? i always keep my msn and skype on when im in game, so ppl can leave me messages, or i also use torrent and eMule while playing. if it stops everything, then its very bad.
or does it stop everything new ? .. well either way its crap. cuz my zonealarm blocks everything by default anyways, well it won't block, it pops up an window asking me what to do allow or deny, but until i haven't made a choice, its blocked.
so it sounds very stupid and pointless. instead zonealarm has a 'gaming mode' which allows all new things by default (only outgoing connection attempts) < because if game tries to connect, then zonealarm pulls you out of game and some games crash when this happens (cuz zonealarm freezes game until i allow or deny).

now Luigi is writing "trojans" eh. i wonder if those companys even look what they put in there...or they just throw all freeware and open source in there ?!

Honostly it is very annoying and retarded that they do this, because then you never know if its real malware or just their retarded false alarm :(
specially if i download something from eMule, which is not trustable source, i can never be sure if its real trojan or some retarded false alarm.


Quote:
nobody should use an uncompressed image format like bmp on a forum, so the bmp extension will be never allowed

why would somebody even want to upload bmp ? its 10 or more times bigger than jpg (jpeg) uhh and quality is not much better on bmp. I always save my pics as jpg.


Top
 Profile  
 
 Post subject: Re: Antiviruses hall of shame
PostPosted: 10 Aug 2009 04:16 

Joined: 05 Oct 2007 01:20
Posts: 402
Location: Florida
well idk anything about image stuff and it's formats, i just thought they were all the same :P

well by stop everything i meant like it stops Norton, not ur I.M.'s, downloads and stuff :P
like it doesn't have any alerts, doesn't update while a game is in full screen mode... also u can choose to have it shut down antivirus while in gaming mode... there's also a manual option to turn on gaming mode if u aren't using full screen

what zonealarm do u have, the full internet security, the antivirus + firewall or just the free firewall?


Top
 Profile  
 
 Post subject: Re: Antiviruses hall of shame
PostPosted: 10 Aug 2009 20:51 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
the problem is that the real purpose of the AV has been overvalued and expanded during these years for various reasons (like idiocy of the users and desire of the AV vendors).

an AV has only the work of stopping a malicious code (like that in an infected program) and this is a rare case because the normal state of the usage of a computer is with clean and trusted software.

now in a perfect world the only way to encounter an infected program happens when this one has been taken from an untrusted source, so any source which is not the developer of that program.
this includes the various unofficial mirrors, file sharing, web sharing, stall on the street, friends (oh they are the most untrusted source you can find) and so on.
obviously I'm talking about real and genuine programs made by real people so not the first executable you find on a forum made by unknown people without source code and doubtful purpose.

the only way to get an infected program through a trusted source and a genuine program happens only if the server where was hosted the downloaded file was compromised and in that case there is nothing to do or to complain.

so this is the base of everything, the lower level.
why even surfing of the web is becoming a risk nowadays?
simple because the browser has lost its real purpose so instead of only surfing a website where the download of each file must be requested and confirmed and it's only downloaded (not executed) we have browsers that support activex (something sompletely senseless), javascript, java and tons of other useless things which automate the infection process explained before, so chapter closed.

the games have a particular problem with security because with the introduction of multiplayer and modding has been also introduced the downloading of the files used on the server and unavailable on the clients, a function used in various games and engines (like unreal and quake3) and enabled by default.
personally I find this feature very dangerous and it's not important if the content of the downlodable material is composed only by non-executable material or instead dlls, metacode and other executable stuff... it's a risk. stop.

so just like everything in the world, it just depends on how much the person who uses the computer knows what he is using and what are the pros and cons behind each activated option and feature, the AV should be only an additional help used rarely or in particular circumstances.
well I guess to have said all :)


Top
 Profile  
 
 Post subject: Re: Antiviruses hall of shame
PostPosted: 10 Aug 2009 22:30 

Joined: 24 Sep 2007 02:12
Posts: 1114
Location: http://sethioz.co.uk
Quote:
well idk anything about image stuff and it's formats, i just thought they were all the same :P

uh look at the damn size of image... if bmp is like 5mb, then jpg would be 200-400kb

Quote:
well by stop everything i meant like it stops Norton, not ur I.M.'s, downloads and stuff :P
like it doesn't have any alerts, doesn't update while a game is in full screen mode... also u can choose to have it shut down antivirus while in gaming mode... there's also a manual option to turn on gaming mode if u aren't using full screen

what zonealarm do u have, the full internet security, the antivirus + firewall or just the free firewall?

ah this makes sense, and it really is good. this is why i keep all auto shit off all the time, auto update, auto scan..etc, it just pisses me off when it starts to update or scan while im doing something, then it just screws up everything, specially with those retarded pop ups, i type in msn for example, then some fucking pop up jumps up and i hit enter at the same time..and i never even see what it was or what i chose ! ..however this mode won't help much if you are not on full screen, i just update and scan on my own.

I have "Zonealarm internet security suite" ofcourse. the main thing i really like about it, is the "program control", its way better than any anti-virus ..or any anti- malicious program defence, or how to call it.
it detects any 'suspecious' action/s and then pops up and asks, allow or deny this program from connecting into internet or allow - deny this program from using some system resources..etc.
im smart enought to know if the program is trusted or not, as Luigi said, nowday AVs suck anyway and they are nothing like the original AVs was designed for. so if i would block all 'malicious' programs, i would not have 90% of my good tools and programs :(


Top
 Profile  
 
 Post subject: Re: Antiviruses hall of shame
PostPosted: 17 Aug 2009 23:35 

Joined: 05 Oct 2007 01:20
Posts: 402
Location: Florida
Image

so even after i say "Allow" it still deletes it ^_^


Top
 Profile  
 
 Post subject: Re: Antiviruses hall of shame
PostPosted: 18 Aug 2009 13:07 

Joined: 24 Sep 2007 02:12
Posts: 1114
Location: http://sethioz.co.uk
seems like AV companys still continue their ridiculous stuff :(
norton is very bad anyways...

not just @ evan, but this goes for everybody..
WHY you n**** set your AV to automatic ?
AV has to be on ASK option, ALWAYS. ive seen and heard tons of problems, where some noob says that, wtf my program just disappeared or that it wont run (on cmd case it says access denied), after long and annoying chat with him/her, i find out that he/she has some dumb AV set to automatic treatment and that it screwed it up without any notice.

evan you saying that you have it on 'ask' and you click 'allow' and it still deletes it or you manually chose allow ?
in either case, make sure it has no automatic treatment turned on.

also, never set your av to delete anything, just block, but not delete. thats how i set my ZA up, whenever there is something 'wrong', it will pop up a window, asking me what i want to do, then i choose an action and click ok (rename, delete, repair, ignore once, ignore always..etc)
this also applys to program control, where it asks what do if program wants to connect or accept connections and it also has 'trust level'. for example it detects keyloggers and games that try to 'steal' your keyboard, for example in some games, you are unable to use those extra buttons while in game, because game 'hijacks' those functions.


Top
 Profile  
 
 Post subject: Re: Antiviruses hall of shame
PostPosted: 22 Aug 2009 18:38 

Joined: 24 Sep 2007 02:12
Posts: 1114
Location: http://sethioz.co.uk
double reply just to get attention :)
here i have included an example of malware that has not been detected as any kind of malware at all.
this is one of those things which will start spamming all of your contacts with phising messages, something like this:
"LMAO OMG is that you ? it sure looks like you, check it out ! http;//idiotedretards.nob/blahdohidiots/you.jpg"

now thanks to zonealarm's "Program Control" i prevented it, but as i said, it did not register as malware of any kind, the screenshot is only of program control's alert, not cuz its malware. so now i understand why lot of ppl have such things in their pcs.
It's because common anti-virus programs will never even detect them.

So ppl who does not zonealarm with program control, should get it.


Attachments:
msn_screenshot_223.jpg
msn_screenshot_223.jpg [ 30.94 KiB | Viewed 2759 times ]
Top
 Profile  
 
 Post subject: Re: Antiviruses hall of shame
PostPosted: 22 Aug 2009 21:25 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
just a note which could be plus or less useful.
online there are some web services which act as "multiple antivirus scanners" of the uploaded file (yeah, like scanning the file with almost any existent AV without having them).
the secondary less known purpose of these websites is then passing some of these files or those which are not recognized (I don't know exactly how it works) to the various AV companies so that they can be reversed and added to their databases (malware reversing is nowadays probably the most diffused job in the world).
so if you find a malware which is not recognized maybe try to upload it on http://www.virustotal.com or others and someone will do the job.


Top
 Profile  
 
 Post subject: Re: Antiviruses hall of shame
PostPosted: 24 Aug 2009 00:29 

Joined: 05 Oct 2007 01:20
Posts: 402
Location: Florida
Sethioz wrote:
evan you saying that you have it on 'ask' and you click 'allow' and it still deletes it or you manually chose allow ?

yeah i believe it's on ask...
yeah i've 'allowed' it under programs, but thats under firewall settings...
it still deletes it
there is an option to turn off "Auto-Protect" but if u turn off that, u turn off the antivirus protection
if u could, next time ur on MSN, we can connect through Remote Assistance and you can go through my settings for me on Norton 360 and see if u can find anything to change up the settings.

luigi, there's also this online scan: http://virusscan.jotti.org/en


Top
 Profile  
 
 Post subject: Re: Antiviruses hall of shame
PostPosted: 24 Aug 2009 22:02 

Joined: 24 Sep 2007 02:12
Posts: 1114
Location: http://sethioz.co.uk
most likely it is the auto-protect, only way i can think of is to see if this auto-protect has some advanced options, like what does it do when it finds something. zonealarm has so called auto-protect too, its called "on-access scanning", but it has options what it will do upon detection.
we seem to hijack the topic, so yeah talk in msn.


Top
 Profile  
 
 Post subject: Re: Antiviruses hall of shame
PostPosted: 03 Sep 2009 21:56 

Joined: 24 Sep 2007 02:12
Posts: 1114
Location: http://sethioz.co.uk
hey friends, remember me contacting kasperksy about the false positive ? i started it nearly year ago (its also discussed in this very same thread). today at morning i sent them another email:

Quote:
Hey, as you can see from below i have already discussed this with kaspersky. its been about 10 months since the last reply, where, as you can see, i got reply that it will be fixed as soon as possible, does it always take years for kaspersky to fix a false positive ? or was this reply just random and meant to 'satisfy' me and was totally ignored by kaspersky ?
on some reason i knew that it will never be fixed, it seems that you ppl are just sticking everything into your 'blacklist' just to show the world that your anti-virus detects the most. most what ? programs ? tools ?
Anti-Virus should prevent virus from making harm to your computer, not to prevent good and unique tools from working.
Luigi Auriemma is without the doubt one of a kind in world, there is nobody else who makes such good and useful tools and research like he does, why does kaspersky (and others) try to put bad reputation on him ?

Where is the problem ? well 'my' problem is discribed below, its been there for nearly whole year, but since you guys like it big and red:

Tool name > Sendtest and Recvtest 0.1 (sendrecvtest)
"these 2 toolz are useful to know how much time is consumed to send and receive a specific amount of megabytes of data between 2 computers (sendtest = client, recvtest = server)"

> > download link - http://aluigi.org/mytoolz/sendrecvtest.zip

These two toolz are reconized as "Exploit.Win32.Aluigi.fi" under risk level "high". it is detected as "type - virus"

If one of you 'geniuses' could please explain to me, what kind of a virus it is and in what way it is dangerous to my computer and how can it destroy my rig, i would be very thankful.

otherwise it would be wise for you guys to remove this nonsense from your blacklist/s, it will look very stupid and lame in public :)


and i got reply in 1-2 hours:

Quote:
RE: confirmed false positive [KLAN-43268112]???
From: newvirus@kaspersky.com" onclick="window.open(this.href);return false
You may not know this sender.Mark as safe|Mark as junk
Sent: Thursday, September 03, 2009 7:47:37 AM
To: sethioz_MAIL" onclick="window.open(this.href);return false

Hello!Sorry, it was a false detection. It will be fixed in the next update.Thank you for your help.


i wonder where i have seen that before ?
oh wait, didn't last reply looked ... well exactly like this one ?
exept that now "as soon as possible" is replaced with "next update"
on some reason i think it will not be fixed, i will test it next week and see how it gets detected, AGAIN. ofcourse i will make sure that it does download some kind of update when i click "update".


Top
 Profile  
 
 Post subject: Re: Antiviruses hall of shame
PostPosted: 04 Sep 2009 11:08 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
I bet it will not be fixed.
they care in false positives only if they affect big softwares which could sue them... it's ever the same story.


Top
 Profile  
 
 Post subject: Re: Antiviruses hall of shame
PostPosted: 04 Sep 2009 19:33 

Joined: 24 Sep 2007 02:12
Posts: 1114
Location: http://sethioz.co.uk
well Luigi, if i would be you, i would sue them. maybe not kaspersky as first, but certainly one of them.
its extremely stupid of them to put you into bad light like this, im sure that you already know that most ppl have no idea that they are false positives.


Top
 Profile  
 
 Post subject: Re: Antiviruses hall of shame
PostPosted: 05 Sep 2009 18:27 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
it's their error and a problem of their users so I will not move a finger.
I take care only about the stuff on my website, the rest is not under my control.


Top
 Profile  
 
 Post subject: Re: Antiviruses hall of shame
PostPosted: 06 Sep 2009 07:46 

Joined: 24 Sep 2007 02:12
Posts: 1114
Location: http://sethioz.co.uk
im just saying, that i would be pissed off if somebody tries to ruin my reputation like that.
anyways, they really did fix that false positive. today i updates my zonealarm's AV (it uses kaspersky database) and it did download something, then i deleted the exeptions and downloaded recvtest and sendtest again, ran the scan and it did not gave any alerts.

it might be my problem, but i doubt. its just that in past i had few cases where exeptions got 'stuck' even when i removed them and clicked ok, they was still there on some reason (but not visible in list). anyways im quite sure it is fixed this time in kaspersky.

now when i get bored again i will bug them again with other tools from Luigi (most likely all of them, cuz Luigi does not have any kind of malware as far as i know, well if you are idiot and flood yourself with some fake player tool, then its other thing already)


Top
 Profile  
 
 Post subject: Re: Antiviruses hall of shame
PostPosted: 06 Sep 2009 11:07 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
that's a good news.
some AV have a quick method to report false positives, for example avast allows to do it immediately when you encounter the file wrongly recognized as a menace.
Norton has the following web form: https://submit.symantec.com/dispute/false_positive/
well maybe I need to start to care more about these things, but without having this AV I can only judge (and trust) the results of http://safeweb.norton.com


Top
 Profile  
 
 Post subject: Re: Antiviruses hall of shame
PostPosted: 06 Sep 2009 11:26 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
well ok I have just sent a false positive report to Norton/Symantec:
Quote:
this report is in reference to the big amount of false positives reported on:
http://safeweb.norton.com/report/show?u ... rvista.org
http://safeweb.norton.com/report/show?url=aluigi.org

almost any program is wrongly recognized as infostealer, trojan, adware, downloader and possibly other senseless categories.

all the programs are open source and are compiled with Mingw Gcc 4 (options -s -O2) so this should help you a lot in correcting your false positives.
I higly doubt they will correct their errors (that for sure affect also tons of other people) but at least I have done what I was obligated to do.
come on the bets are open :)


Top
 Profile  
 
 Post subject: Re: Antiviruses hall of shame
PostPosted: 06 Sep 2009 20:44 

Joined: 24 Sep 2007 02:12
Posts: 1114
Location: http://sethioz.co.uk
sometimes you just need to poke it not just under their noses, but into their nose :)
and keep doing that until they get annoyed and understand that complains won't stop before they fix it. really shame that big companys are full of such babys, but again i kind a do understand them too, im sure that they get lots of false, false positive alarms, i mean that some dumb kid downloads something, it says its trojan or whatever, they run it and it works (and logs their info too) and then they start whining to companys.
or they just send some senseless mails and reports to them, so they most likely wont even take it seriously, until they get exact details.


Top
 Profile  
 
 Post subject: Re: Antiviruses hall of shame
PostPosted: 07 Sep 2009 18:54 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
wow I have just received the mail from Symantec (so very quickly) and they said to have corrected the false positives.
obviously I don't know how well the false positives have been corrected or what of them of if they have been really fixed, but it's a positive starting point.


Top
 Profile  
 
 Post subject: Re: Antiviruses hall of shame
PostPosted: 07 Sep 2009 21:23 

Joined: 24 Sep 2007 02:12
Posts: 1114
Location: http://sethioz.co.uk
well i got reply from kaspersky too, very quickly, saying that it was mistake and it will be fixed ASAP, but it took them nearly year and even then another email. so yeah you never know, before you test it yourself and either decline or confirm.


Top
 Profile  
 
 Post subject: Re: Antiviruses hall of shame
PostPosted: 20 Oct 2009 14:47 

Joined: 24 Sep 2007 02:12
Posts: 1114
Location: http://sethioz.co.uk
EDIT:
i have edited the whole post.
i posted about kaspersky and that i did not got reply, but finally after 3-4 days i did got reply.

i reported proxymini to them, because they added it as virus/malware. first i tought they ignored the email, but i got reply. well it was same as last time.

Quote:
Hello,

Sorry, it was a false detection. It will be fixed in the next update.
Thank you for your help.


Just for you all to know, i will check it after update. my autoupdate is turned off. so i know exactly when i update it and then ill scan it again to see if its fixed.


Top
 Profile  
 
 Post subject: Re: Antiviruses hall of shame
PostPosted: 21 Oct 2009 22:01 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
well done sethioz


Top
 Profile  
 
Display posts from previous:  Sort by  
Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 98 posts ]  Go to page Previous  1, 2, 3, 4  Next

All times are UTC [ DST ]


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for: