Inspector Clouseau's "MAXIMUS"

Discussion in 'other anti-virus software' started by Miyagi, Jun 25, 2006.

Thread Status:
Not open for further replies.
  1. Miyagi

    Miyagi Registered Member

    Joined:
    Mar 12, 2005
    Posts:
    420
    Location:
    Honolulu, Hawaii
    Our dear inspector has created a 'virtual-employee' Maximus to detect unknown malware using heuristic analysis and working hand to hand with the inspector. Screenshot below shows Maximus' detection. Note that Authentium also has the same detection name as they use the F-Prot engine. Very impressive!!

    1.GIF
     
  2. Technodrome

    Technodrome Security Expert

    Joined:
    Feb 13, 2002
    Posts:
    2,140
    Location:
    New York
    Amazing! Good work Mike!!!!:thumb:


    tD
     
  3. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    I know why he created Maximus :D Less work means more beer. It's as simple as that :D
     
  4. StevieO

    StevieO Registered Member

    Joined:
    Feb 2, 2006
    Posts:
    1,067
    This means that F-Prot will now be able to employ him on part time wages lol


    StevieO
     
  5. Inspector Clouseau

    Inspector Clouseau AV Expert

    Joined:
    Apr 2, 2006
    Posts:
    1,329
    Location:
    Maidenhead, UK
    Not only this. Why should I (or somebody else) waste time browsing forums, websites etc. to read / download undetected stuff? All that kind of work can be automated, and it's even fun when you have a "virtual guy" for this purpose with whom you can speak instead of having a black/white batch script running :D There will most likely be a younger brother of Maximus, namely Julius, available soon, and maybe I'll make this one public, without the ability to interact with our virus things here of course. So the purpose of this virtual friend would be that you can add him easily as an MSN contact and you can ask him for advice. This guy will try to help you with strange files and will tell you what to do with them. Besides, a few things which are already running in Maximus will be included, such as outbreak alerts and general virus information. Those "virtual MSN AV buddy" things are of course my private playground, so it will be available when I have some time to finish Julius. Maximus is not the problem since it's restricted to work only with my accounts anyway. But Julius would be a free one, and for this purpose I need to include layered SOCKS handling for each custom MSN connection.
     
  6. Inspector Clouseau

    Inspector Clouseau AV Expert

    Joined:
    Apr 2, 2006
    Posts:
    1,329
    Location:
    Maidenhead, UK
    Ah oh yes, I forgot one thing. There's a really useful feature in those bots. You can live-bookmark interesting things in forum threads via the command "!notify if_changed". If you read something interesting, you send this command to the guy via MSN chat and it will send you back an MSN message with a link when there is a new reply. Maximus is lurking around in a lot of "underground" boards in this way :D
     
  7. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
    hmm...I have the copyright for that pic. :D :D :eek:
    See here: https://www.wilderssecurity.com/showthread.php?t=136779

    Joking of course.
    Impressive IC! Good work again! Can Maximus clean my room? :D. I can let him use my vacuum cleaner...I'm too busy to do it...and yes, a little massage while I'm learning. :p
     
  8. kalpik

    kalpik Registered Member

    Joined:
    May 26, 2005
    Posts:
    369
    Location:
    Delhi, India
    Julius would be really cool inspector!
     
  9. IBK

    IBK AV Expert

    Joined:
    Dec 22, 2003
    Posts:
    1,818
    Location:
    Innsbruck (Austria)
    I noticed many additions with Maximus in the detection name. Some various thousands of samples were detected with it.
     
  10. Kye-U

    Kye-U Security Expert

    Joined:
    Jun 11, 2004
    Posts:
    481
    This is quite impressive Mike :) Good (detective) work.
     
  11. Durad

    Durad Registered Member

    Joined:
    Aug 13, 2005
    Posts:
    591
    Location:
    Canada
    :D

    I can't believe!

    I would name it "she.." heehe
     
  12. Miyagi

    Miyagi Registered Member

    Joined:
    Mar 12, 2005
    Posts:
    420
    Location:
    Honolulu, Hawaii
    Bravo!! Watching Jotti became interesting ;)

    bravo.gif
     
  13. SSK

    SSK Registered Member

    Joined:
    Nov 28, 2004
    Posts:
    976
    Location:
    Amsterdam
    How do we classify Maximus? As "out-program heuristics"? :D
     
  14. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    HiRE - Heuristics in Real Environment

    Hahaha :D
     
  15. SSK

    SSK Registered Member

    Joined:
    Nov 28, 2004
    Posts:
    976
    Location:
    Amsterdam
    :D :thumb:
     
  16. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    It really sounds so fascinating.
     
  17. Lollan

    Lollan Registered Member

    Joined:
    Feb 2, 2006
    Posts:
    288
    That is soo cool! :)
     
  18. Stan999

    Stan999 Registered Member

    Joined:
    Sep 27, 2002
    Posts:
    566
    Location:
    Fort Worth, TX USA
    Last file scanned at least one scanner reported something about: colors.exe, detected by:

    Scanner                  Malware name
    AntiVir                  X
    ArcaVir                  X
    Avast                    X
    AVG Antivirus            X
    BitDefender              BehavesLike:Win32.Backdoor
    ClamAV                   X
    Dr.Web                   BACKDOOR.IRC.Trojan
    F-Prot Antivirus         Possibly a new variant of W32/IRCBot-based!Maximus
    Fortinet                 X
    Kaspersky Anti-Virus     X
    NOD32                    probably unknown NewHeur_PE
    Norman Virus Control     X
    UNA                      X
    VirusBuster              X
    VBA32                    X
     
  19. Inspector Clouseau

    Inspector Clouseau AV Expert

    Joined:
    Apr 2, 2006
    Posts:
    1,329
    Location:
    Maidenhead, UK
    aha that was you :D Maximus alerted me that there was some detection via MSN Message look: :D
     

    Attached Files:

    • maxs.jpg
  20. SSK

    SSK Registered Member

    Joined:
    Nov 28, 2004
    Posts:
    976
    Location:
    Amsterdam
    OT:

    Mike: email GOD at F-PROT.COM o_O o_O o_O o_O o_O

    You've been promoted o_O :D :ninja:

    /OT
     
  21. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
    of course he was.... :D
     
  22. mikel108

    mikel108 Registered Member

    Joined:
    Dec 10, 2004
    Posts:
    1,057
    Location:
    SW Ontario, Canada
    So is Maximus prone to FP's too? I was just on my ISP site and they have THIS listed in their breaking news. This is for Freedom Antivirus (Command AV). Just curious, it's not a pointed remark about Maximus.

    Best,
     
  23. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    Every heuristic engine can make a mistake.
     
  24. mikel108

    mikel108 Registered Member

    Joined:
    Dec 10, 2004
    Posts:
    1,057
    Location:
    SW Ontario, Canada
    Completely understandable. Now if I understand right, Maximus writes the code to clean too o_O
     
  25. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    Actually the Maximus family is made up of twins -- Hidari Maximus (brother) & Migi Maximus (sister). They are a well-rounded pair with an amazing ability to go directly to the seat of any security problem.

    Seriously, though -- Maximus is a superb bot that only a genius like the Inspector could give birth to. I salute you.
     