any insights about this - ImmunizeNOW!

Discussion in 'other anti-malware software' started by Painkiller, Mar 27, 2007.

Thread Status:
Not open for further replies.
  1. Painkiller

    Painkiller Registered Member

    Joined:
    Aug 24, 2004
    Posts:
    42
  2. Espresso

    Espresso Registered Member

    Joined:
    Aug 1, 2006
    Posts:
    975
    Very similar to Spyware Blaster, except protections are separated by type (activex, cookies, etc).
     
  3. Assiste.com

    Assiste.com Registered Member

    Joined:
    Dec 21, 2003
    Posts:
    17
    Location:
    Here and now
    Hello,

    It is too early to give an opinion but this analysis must lead to the suspension of any use of this product for the moment. False Positive ? Crapware ?

    http://assiste.com/m/forum/immunizenow_de_mntolympus_org.gif

    The same analyze against SpywareBlaster :

    http://assiste.com/m/forum/spywareblastersetup351.gif

    This requires fuller investigations.

    Notice that SpywareBlaster does not have to remain running in the background but ImmunizeNOW! has an add-on : WebFlash-Control for disabling / enabling Flash. I did not test it but if it acts as an add-on this means that ImmunizeNOW! must stay running.

    Remember that you can add entries into the original SpywareBlaster List if you think something is missing. A howto and an additional list here :
    http://customblockinglist.cjb.net/

    Sincerely
     
  4. Espresso

    Espresso Registered Member

    Joined:
    Aug 1, 2006
    Posts:
    975
    It's probably just the registry signatures being detected or maybe the flash control has some trojan like behaviour.

    I'm surprised F-Prot would pick up anything. :D
     
  5. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,684
    Location:
    Canada
  6. Assiste.com

    Assiste.com Registered Member

    Joined:
    Dec 21, 2003
    Posts:
    17
    Location:
    Here and now
    Hello,

    I have an exchange with Phant0m. Yes, the problem comes with UPX packer. I would indeed have to contact him initially.

    After these explanations, I will complete my paper on ImmuniseNOW!, upload it and recommend this product.

    I do not understand why UPX is of any problem with AntiVirus makers (the fact it has been heavily used by hackers ?). On an other side, it is a known problem so why Phant0m don’t use 7zip to archive ImmunizeNOW! in .zip format ? The problem would disappear instantly.

    WebFlash-Control do not require ImminizeNOW! to run. It is a stand-alone tool.

    I will inform you when my page in French on ImmunizeNOW! will be on-line.

    Sincerely
     
  7. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,684
    Location:
    Canada
    UPX tool is commonly used to pack Trojans and malicious programs; I guess this is still reason enough for some AV companies, and probably are the only ones that still don’t do or fully runtime unpacking and instead flag files for suspiciousness. - … This of course doesn’t mean that the four shown to detect here doesn’t do runtime unpacking, I don’t often do follow-ups on different AVs features.

    Yes I could archive it, and no installation would even be required, but if and when I do use archive it’ll only be as an addition to the installer. And as foolish as it may seem too many, I’m not going to fold to these big AV companies when they decide to-do things wrongly, whether they decide to flag runtime packed files as suspicious … by giving unreal labelling and all because they simply to busy to add runtime unpacking systems to their products, or they giving out-of-this-world files labelling because of the amount of file submissions…


    What was basically distasteful about this whole thing is that you hadn’t come to me firstly; you felt the need to post several different locations instead of contacting me through product official channels that is available, before hand… In any case I wipe myself off and start with a clean slit between us, also it’s good to be cautious and if I were in the very same position as you were I would be very concerned also; I just would have handled it differently…


    The newer versions of ImmunizeNOW!, ImmunizeNOW! installer doesn’t bundle WebFlash-Control, you have to download separately if want. WebFlash-Control is just a simple small utility addition to provide user conveniences with Flash state toggling through its systray icon along with ImmunizeNOW! main application launching capability on user demand…


    Any further concerns, questions, or suggestions, don’t hesitate to contact me, I do not mind answering and reading possible promising product suggestions…



    Thanks,
    Regards,
    Phant0m``
     
Thread Status:
Not open for further replies.