A Simple Open Question for All AV Experts

Hi, folks: We are all aware that the task of AV development is a tough and rewarding one, and all AV vendors do have their means and wills to overcome any barrier and huddle they may face. It has been said; If there is a will, certainly there is a way. I, therefore, dare to post an opne question for all AV experts; During the course of vir.database updates, you may utilize a tool(let's dub it as replicator) to analyze any suspicious program in search of any possible malwares. What would happen if your tool can not read any given language, does this mean that you have to skip all progs using that particular language or else better? I suspect it is a trade secret and perhaps an untold one. As one of the many many AV programs users out there, I need to know something, even a little something. Can you guys reply?

 

Not sure what you mean (specifically with language), but every analyst MUST be capable of dissasembling files into small tiny pieces and find out what it does and how it does that. Sure they have tools and stuff but when they all fail, they have to do it manually. And i'm sure there isn't a thing that could counter that kind of intelligence and self adaptation. Except human error of course

 

Hi, folks: Hi RejZor: To quickly answer your question re language. Let's say, for the sake of discussion, if your tool or analyst can not read American English programs, can you still break into them and search for malwares? or you have to soly rely on your American users submitting samples for analysis?

 

I'm quiet sure they're using UNICODE capable tools... As for the text itself on lets say dialogs used by the malware (if it's spoofing somethinG), i'm sure they have translators (which also work on program translation for other countries) and web translators.

 

Hi,RejZoR: thanks for quick response. I am not a black belt of AV, but now I do understand how to guard myself from any attempt of manipulation made by so-called AV expert. If this honorable guy claims he has a difficulty reading a given langulage, I can safely term him as sending out SOS and his days at job are numbered. Thanks. It is my pleasure to learn some trade secrets from other trade.

 

so your asking what do you do if your english and there is a virus that is in japanese and try to protect your customers against that virus but you cant understand japanese?
lodore