|
 |
Warp nous apporta ses lumieres en ce 2008/01/01 10:46:
> Alain <ele### [at] netscape net> wrote:
>> The 4 to 7 years old files where detected as virus less than 3 months old :-(
>
> Well, some executable virii infect files without modifying any of their
> dates, so in theory it's possible they are infected.
> (Nowadays it's rarer, though, because most virii are of the independent-exe
> style and don't even bother infecting individual files.)
>
>> Now to find another one that DON'T stay in memory and only scan when I ask it to.
>
> Most AV software for Windows feel like a virus themselves: It's incredibly
> difficult to get rid of them (without uninstalling them completely). They
> will "infect" your entire system.
>
Old virus, in the old DOS days actualy injected themself into executables.
Modern virus inject themself into the OS by adding files that are the viran code
and planting hooks to start those files.
AVG detected several files as infected while they where completely legitimate
and healty.
Some samples of false positives:
AddAware 2007 (straight from lavasoft.de)
wbload.dll (main WindowBlinds file, straight from the developer's site)
skyrocket.scr (a 5 years old screen saver)
ares.exe (ares galaxy) while not finding anything wrong with the installer.
--
Alain
-------------------------------------------------
"If you see me running, try to keep up."
...Back of bomb technician's shirt
Post a reply to this message
|
|
