PDA

View Full Version : iangmin and Zillya Antivirus


NewsArchive
04-09-2015, 08:15 AM
All,

Jiangmin (China) and Zillya (Ukrainian) are the worst antivirus vendors to
deal with. We sent countless emails and filled out multiple online forms
and have heard absolutely nothing back.

Jiangmin still reports "TrojanDropper.Injector.bpqe" (FALSE-POSITIVE) and
Zillya gives a "Backdoor.Agent.Win32.54360" ´(FALSE-POSITIVE).

This is sabotage at its best. We have to give up and accept it.

Their antivirus pattern matchers look for a unique sequence of 12 bytes that
is specific (by their definition) to a piece of malware. And they "found" it in
the SetupBuilder stub loader compiled with Microsoft Visual Studio. Change
1 byte and Jiangmin and Zillya report another trojan/malware. Unbelievable
!!!

We'll make a new SetupBuilder version available within the next 48 hours.
This time, we were able to find out what causes it and with a trick replace
the sequence of "bad" bytes.

Friedrich

--
Friedrich Linder
Lindersoft
www.lindersoft.com
+1.954.252.3910

--Helping You Build Better Installations
--SetupBuilder "point. click. ship"
--Create Windows 10 ready installations in minutes
--Official COMODO Code Signing and SSL Certificate Partner
NewsArchive
04-09-2015, 08:16 AM
Should read "Ukraine"

Friedrich
NewsArchive
04-10-2015, 02:16 AM
Wow!

--

Russ Eggen
RADFusion International, LLC
NewsArchive
04-10-2015, 02:17 AM
Friedrich,

> Jiangmin (China) and Zillya (Ukrainian) are the worst antivirus vendors to
> deal with. We sent countless emails and filled out multiple online forms
> and have heard absolutely nothing back.

Reminds me of a movie except this one doesn't rate even ONE star!<g>

Lee White
NewsArchive
04-10-2015, 02:18 AM
That's the Zillyest thing I've ever heard of.

Jeff Slarve
www.jssoftware.com
www.twitter.com/jslarve
I'll search help files & Google for you.
#JeffWeCan https://www.youtube.com/watch?v=6UsHHOCH4q8&feature=youtu.be
NewsArchive
04-10-2015, 05:07 AM
This is what happens when you let a bunch of palookas loose on a
compiler. What a joke. If they have not worked out that there are any
number of sequences that can be repeated in code then they are idiots
indeed. What a joke.

Unless it is in fact sabotage.

Will send all our clients an email to avoid these two outfits and if
they do not we drop all this sort of support that may arise from it or
if they want to pay $10,000 an hour to fix they can continue using it.
That will involve sending them your email and telling them to stop using
it. And then we will split the proceeds with you :-)

J André Labuschagné