Inspector Clouseau's "MAXIMUS"

Our dear inspector has created a 'virtual-employee' Maximus to detect unknown malware using heuristic analysis and working hand to hand with the inspector. Screenshot below shows Maximus' detection. Note that Authentium also has the same detection name as they use the F-Prot engine. Very impressive!!

 

Amazing! Good work Mike!!!!


tD

 

I know why he created Maximus Less work means more beer. It's as simple as that

 

This means that F-Prot will now be able to employ him on part time wages lol


StevieO

 

Not only this. Why should i (or somebody else) wasting time in browsing forums, websites etc to read / download undetected stuff. All those kind of work can be automated and it's even fun when you have a "virtual guy" for this purpose with whom you can speak instead of having a black/white batchscript running There will be most likely a younger brother of Maximus namely Julius available soon and maybe i make this one public without the ability to interact into our virus things here of course. So the purpose of this virtual friend would be that you can add him easily as MSN contact and you can ask him for advice. This guy will try to help you with strange files and will tell you what to do with it. Besides, a few things which are already running in Maximus will be included, such as outbreak alerts and general virus information. Those "virtual msn av buddy" things are of course my private playground, so it will be available when i have some time to finish Julius. Maximus is not the problem since it's anyway restricted to work only with my accounts together. But julius would be a free one and for this purpose i need to include layered socks handling for each custom MSN connection.

 

Ah oh yes i forgot one thing. There's a really useful features in those bots. You can live-bookmark interesting things via command "!notify if_changed" in forum threads. if you read something interesting you send via MSN chat to the guy this command and it will send you back a MSN message with a link when there is a new reply. Maximus is lurking around in a lot of "underground" boards in this way

 

hmm...I have the copyright for that pic.
See here: https://www.wilderssecurity.com/showthread.php?t=136779

Joking of course.
Impressive IC! Good work again! Can Maximus clean my roo? . I can let him use my vacuum cleaner...I'm too busy to do it...and yes, a little massage while I'm learning.

 

Julius would be really cool inspector!

 

I noticied many additions with Maximus in the detection name. Some various tousands of samples were detected with it.

 

This is quite impressive Mike Good (detective) work.

 

I can't believe!

I would name it "she.." heehe

 

Bravo!! Watching Jotti became interesting

 

How do we classify Maximus? As "out-program heuristics"?

 

HiRE - Heuristics in Real Environment

Hahaha

 

It really sounds so fascinating.

 

That is soo cool!

 

Last file scanned at least one scanner reported something about: colors.exe, detected by:

Scanner Malware name
AntiVir X
ArcaVir X
Avast X
AVG Antivirus X
BitDefender BehavesLike:Win32.Backdoor
ClamAV X
Dr.Web BACKDOOR.IRC.Trojan
F-Prot Antivirus Possibly a new variant of W32/IRCBot-based!Maximus
Fortinet X
Kaspersky Anti-Virus X
NOD32 probably unknown NewHeur_PE
Norman Virus Control X
UNA X
VirusBuster X
VBA32 X

 

aha that was you Maximus alerted me that there was some detection via MSN Message look:

 

OT:

Mike: email GOD at F-PROT.COM

You've been promoted

/OT

 

of course he was....

 

So is Maximus prone to FP's too? I was just on my ISP site and they have THIS listed in their breaking news. This is for Freedom Antivirus (Command AV). Just curious, it's not a pointed remark about Maximus.

Best,

 

Every heuristic engine can make a mistake.

 

Completely understandable. Now if I understand right, Maximus writes the code to clean too

 

Actually the Maximus family is made up of twins -- Hidari Maximus (brother) & Migi Maximus (sister). They are a well-rounded pair with an amazing ability to go directly to the seat of any security problem.

Seriously, though -- Maximus is a superb bot that only a genius like the Inspector could give birth to. I salute you.