Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Volker Birk
August 7, 2006, 7:43 pm
rate this thread
Avira's AntiVir does not detect "Shutdown Windows' servers" as malware
because of generic detection algorithms.
It detects "Shutdown Windows' servers" because of a special signature
for this tool.
We did a small testing to proof that: I created a small test program:
This program contains a copy of the code of "Shutdown Windows' servers",
which shutdowns one single service, Universal PnP. If AntiVir detects
with generic signatures, it has to detect this, too.
Then Markus Steinborn testet, if AntiVir realliy detects this. It does not:
Now it's clear, that Avira created a special signature for "Shutdown
Windows' servers", and that they're not detecting "by accident" or
something like that.
It's not necessary to whitelist for Avira, they just have to stop
blacklisting my tool.
Ich würde schätzen, dass ca. 87% aller spontanen Schätzungen völlig für
den Arsch sind.
Ralph Angenendt in firstname.lastname@example.org
- » FYI: Avira reacted about "Shutdown Windows' servers" as malware
- — Previous thread in » General Computer Security