Mirage Anti-Bot 1.0

Discussion in 'other anti-malware software' started by Dermot7, Feb 9, 2012.

Thread Status:
Not open for further replies.
  1. Dermot7

    Dermot7 Registered Member

    Joined:
    Dec 20, 2009
    Posts:
    3,196
    Location:
    Surrey, England.
    http://fred-de-vries.blogspot.com/2012/02/news-mirage-anti-bot.html
     
  2. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,954
    Your link is not working...get the message of
    Here's a different link- http://fred-de-vries.blogspot.com/2012/02/released-mirage-anti-bot-10.html

    PS- in Chrome I get a message of "The java plug-in needs your permission to run" when I access the page.
     
  3. fredvries

    fredvries Registered Member

    Joined:
    Jun 13, 2003
    Posts:
    49
    @acr1965: This problem arose because I removed the original post that announced the release of Mirage Anti-Bot. Sorry about that.

    Please mail me find bugs, experience problems or have suggestions.
     
  4. Dermot7

    Dermot7 Registered Member

    Joined:
    Dec 20, 2009
    Posts:
    3,196
    Location:
    Surrey, England.
    Installed (on W7 32bit)...Unobtrusive, just runs gently in the background, constantly updating, and using minimal resources. Could be a useful little additional security "layer". Hopefully user more knowledgable than myself may give an opinion.
     

    Attached Files:

  5. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    My bet is that they/the author is making use of the abuse.ch Palevo, SpyEye and ZeuS trackers to get the data.
     
  6. Dermot7

    Dermot7 Registered Member

    Joined:
    Dec 20, 2009
    Posts:
    3,196
    Location:
    Surrey, England.
    Correct m00nbl00d :thumb:
     
  7. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    LOL! I missed that part! :D :oops:
     
  8. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    By the way, at least one antivirus (Kaspersky) detects the file as being malware. I don't recall the exact name; I scanned it this afternoon and forgot to mention it.

    Maybe you'd like to get in touch with the security vendors flagging your tool.
     
  9. fredvries

    fredvries Registered Member

    Joined:
    Jun 13, 2003
    Posts:
    49
    Kaspersky is reporting that Mirage Anti-Bot 1.0 is malware. Panda finds it a suspicious file. I have contacted both companies.
     
  10. Rivalen

    Rivalen Registered Member

    Joined:
    Oct 18, 2005
    Posts:
    413
    Is this suitable for my 64bit setup as seen in my sig? Whats the cost?

    Best regards
     
  11. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    Now COMODO also detects it as UnclassifiedMalware.
     
  12. fredvries

    fredvries Registered Member

    Joined:
    Jun 13, 2003
    Posts:
    49
    Also: Symantec now detects it as WS.Reputation.1

    I hate that when that happens.

    Contacted them.
     
  13. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    COMODO already corrected the FP, but the others still flag it. I suppose it would take them less time, were you a big player. :ouch:
     
  14. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    They still haven't fixed the false positives. Heck, they had more than enough days, no? o_O

    Indeed, false positives are a plague, in many ways. o_O
     
  15. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,713
    Location:
    Kolkata, India
    Also, I want to know if it runs on 64 bit Windows. Because RUBotted does not.
     
  16. fredvries

    fredvries Registered Member

    Joined:
    Jun 13, 2003
    Posts:
    49
    @Rivalen:
    - Yes, it runs on a 64bit setup.
    - Mirage Anti-Bot 1.0 is free to use.

    @m00nbl00d:
    Symantec fixed the false positive. Now only Panda remains.
     
  17. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,713
    Location:
    Kolkata, India
    Thanks.
    Kingsoft also detected it. I reported that as FP.
     
  18. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,713
    Location:
    Kolkata, India
    If Panda do not fix you can PM pbust.
     
  19. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,713
    Location:
    Kolkata, India
    1. Where does it save its downloaded database? Because I can't find anything other than a exe file and a config.ini file.
    2. There isn't any option to run it automatically with windows. I know how to start an exe automatically with windows but that option is indeed needed.
    3. Add proxy authentication in connection panel.
    4. How frequently does it check for updates?
     
  20. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,713
    Location:
    Kolkata, India
    Also add a quit warning when closing from tray.
     
  21. fredvries

    fredvries Registered Member

    Joined:
    Jun 13, 2003
    Posts:
    49
    @sg09:
    1. It puts it's info directly in the hostfile. A database or signature file is therefore not needed.
    2. This option will be available in version 1.1
    3. This option will probably available in version 1.1
    4. It checks for updates every ten minutes
    5. Quit warning option will also be included in version 1.1
     
  22. Rivalen

    Rivalen Registered Member

    Joined:
    Oct 18, 2005
    Posts:
    413
    I would like to be able to choose how often it checks for updates.

    Best Regards
     
  23. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    So, it just uses the hosts file? Nothing against that, but why not enhance it to also block C&C IPs?
     
  24. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,713
    Location:
    Kolkata, India
    @fredvries: Thanks for replying. But I can see only the following entry in the host file
    :eek:
     
  25. fredvries

    fredvries Registered Member

    Joined:
    Jun 13, 2003
    Posts:
    49
    @sg09:

    We will fix this as soon as possible. Thanks for alerting us.
     
Loading...
Thread Status:
Not open for further replies.