Malware immunizer

Discussion in 'other anti-malware software' started by Hefaistos22, Apr 29, 2008.

Thread Status:
Not open for further replies.
  1. Hefaistos22

    Hefaistos22 Registered Member

    i just found that program on the internet.Looks interesting.anyone wanna test it?:)

    ht tp://

    Malware Immunizer is a free and very useful application that was created to protect your system against known malware and maybe unknown ones. It can prevents some of the malware from installing on your system, which means that you still need an anti-virus software and a firewall.

    How does Malware Immunizer works?
    Malware Immunizer is a very simple tool that only create files and folders on your hard disk drive! So how does it prevent the installation of malware?
    Actually when you execute a executable file or installer, it may unload or create files on your hard disk drive. Let said a virus want to create a file named virus.exe on C: (C:\virus.exe), however if a folder named virus.exe already exists on C: (C:\virus.exe), the malicious file will not be written or overwrite the folder. Malware Immunizer make use of this behavior to prevent installation of malware by creating folders of known malware filename with path used by the malware. Note that it mostly only prevent installation of the core files that will be run every time the system boot up, meaning that when a malware is executed it may create other malicious files that must be cleaned using antivirus program. Likewise files will be used to prevent the creation of malicious folders which can contain harmful files.
    Last edited by a moderator: Apr 29, 2008
  2. Dark Shadow

    Dark Shadow Registered Member

    Yes, you do please keep us posted of your findings:D
  3. Ilya Rabinovich

    Ilya Rabinovich Developer

    I can imagine how many crap folders it will put to your hard drive... Wow, it's something!
  4. Dark Shadow

    Dark Shadow Registered Member

    :) :)
  5. Firebytes

    Firebytes Registered Member

    ...besides the extra folders I wouldn't want, I wonder how many false positives, etc., that this would cause from other security tools?

    I think I will pass on this one:thumbd:
  6. Peter2150

    Peter2150 Global Moderator

    I just checked out the website. I'll take a pass on this one.

  7. ErikAlbert

    ErikAlbert Registered Member

    :thumbd: :thumbd: :thumbd:
    Don't need this one, I have something much better and without extra folders.
  8. Tarq57

    Tarq57 Registered Member

    Tried this, briefly, over a year ago.
    False positives plentiful, though there is a workaround. See here.
    I'm surprised it's still in existence, actually.
  9. dendrobates

    dendrobates Registered Member

    Let's assume that there are 8 Million different malware samples out there,
    and 5 million have a unique file or directory name.

    It only has to create this 5 million files/directories,
    i like to test with malware a few times a day, so i only need to uninstall the 5 million files/directories test and reinstall the 5 million.
    If i will do this 10 times a day, i can test my harddisk on overheating at the same time!
    oops, i must not forget that my hourly backup syncs all changed files to my other disk ...

    Another thing is, when malware wants to infect a system file, it will be the safest way to overwrite the system file with this I/O tester as well,
    then you will be sure, it doesn't infect your real system file.

  10. Tarq57

    Tarq57 Registered Member

    IIRC the number of immunizations was well shy of "millions". Hundreds, or possibly a few thousand.
    Not exactly a comprehensive vaccination.
    Took a few seconds to disable them, from the GUI.
  11. dendrobates

    dendrobates Registered Member

    You can remove them with unticking all the 50 checkboxes before each malware name?

    Sorry, but i think this whole idea of fighting malware this way is funny
    Last edited: Apr 29, 2008
  12. Tarq57

    Tarq57 Registered Member

    To clarify; you remove the immunizations via the GUI, in much the same manner as the protections can be enabled/disabled in Spybot, or SpywareBlaster. (When they had a forum running, long gone, that was recommended prior to scanning with AV or AS.)
    The screenshot on the home page shows that it immunizes against 1472 objects- as of the time, almost a year ago, that the screenshot was made.

    It's a blacklist based approach, thus would rely on frequent identification and updating. Which isn't happening, and if it were, the numbers probably fall well short of actual malware in the wild. So, not worth using.

    I don't actually think it's a funny approach at all. Medicine has been using the same philosophy since smallpox started to become preventable.(And an approach that still works for diseases that don't mutate much). A few years ago it would have been considered a novel and innovative invention. Today I see it more as a rather undeveloped and ineffective sideline, an extension of the old paradigm.
  13. dendrobates

    dendrobates Registered Member

    Sorry, it was not polite to think it is funny..

    The thing is, that malware can hide in any file etc. on your system,things ike
    polymorphing and metamorphing make it impossible to implement this idea.
    It should indeed have updates just like an antivirus, but in what would it be better than a antivirus?
    It can only be implemented for malware that always uses the same files or directories, AND that never exists otherwise on your system.
    This narrows your work field too much, to be effective, and can never work, near my personal opinion.

    About the medicine thing, a vaccine doesn't work this way.
    But i do respect any attempt to fight malware.
    There is of course, still not a 100% working solution against malware,
    apart from a read-only system.
  14. Tarq57

    Tarq57 Registered Member

    All true. Agree.
    The vaccine thing is a rather loose analogy, perhaps a better one would be that of a drug designed to block certain receptors, like some painkillers.
  15. aigle

    aigle Registered Member

    A stupid idea indeed.
  16. Hefaistos22

    Hefaistos22 Registered Member

    as i read im glad,that i didnt try that product:D:D i trust my SpywareBlaster:)
Thread Status:
Not open for further replies.