Author Topic: Packed keygens: who does Avast "know" which one to ignore?  (Read 14514 times)

0 Members and 1 Guest are viewing this topic.

Offline beranger

  • Newbie
  • *
  • Posts: 11
Re: Packed keygens: who does Avast "know" which one to ignore?
« Reply #15 on: October 05, 2010, 08:54:58 AM »
BTW, Logos, could you post the scan of your license sticker for your Windows 7/64 Ultimate? Where have you bought it?

Offline larsson

  • Newbie
  • *
  • Posts: 9
Re: Packed keygens: who does Avast "know" which one to ignore?
« Reply #16 on: October 05, 2010, 09:02:09 AM »
So if you want to penetrate Avast!. Just embed your malware in a keygen.exe-file. Zillions of
people will ignore any alert. It´s just a keygen!

Offline beranger

  • Newbie
  • *
  • Posts: 11
Re: Packed keygens: who does Avast "know" which one to ignore?
« Reply #17 on: October 05, 2010, 09:17:13 AM »
So if you want to penetrate Avast!. Just embed your malware in a keygen.exe-file. Zillions of
people will ignore any alert. It´s just a keygen!
1. Avast is not the only AV on the planet.
2. keygens are not used by zillions of people.
3. Alerts are not ignored by zillions of people.
4. Not all the keygens are the same. Hence my initial question.

Offline medway01

  • Jr. Member
  • **
  • Posts: 44
  • Mine I tells ya !
Re: Packed keygens: who does Avast "know" which one to ignore?
« Reply #18 on: October 05, 2010, 11:21:14 AM »
I do not miss the point of your question, you asked why some AV products marked your stash of keygens as infected and some do not, a possible answer is there for you to read, another possible answer is given by yourself.

You do realise that AV products are there in an attempt to protect what is valuable to those who have items of value, be it software, levels played in games or personal data or their personal identity, how those products work is for the developers to know and confidential.

On the face if it you do not seem to be amongst those who value the protection offered by AV products and you give the impression that you do not consider yourself to have anything of value to protect, you can resinstall and use your keygens and free software, it costs you nothing.
« Last Edit: October 05, 2010, 11:22:47 AM by medway01 »
< Twas a sea cap't till someone sunk me boat and stole me rubber duck >

        Windows 7, MSI NEO 2 + 2Gb Ram + 2.4 Gz dual core

Offline beranger

  • Newbie
  • *
  • Posts: 11
Re: Packed keygens: who does Avast "know" which one to ignore?
« Reply #19 on: October 05, 2010, 11:47:24 AM »
On the face if it you do not seem to be amongst those who value the protection offered by AV products and you give the impression that you do not consider yourself to have anything of value to protect, you can resinstall and use your keygens and free software, it costs you nothing.
I have plenty of important stuff -- from documents to the fact that I am shopping a lot online. FYI, only for e-books (mostly ePub) alone I have paid 600 EUR. (And yes, I have removed their DRM encryption. I don't give a shit on what the law says, I don't want to rely on ADE to allow me to copy them on my e-readers.)

OTOH, I do backup my data.

Also, I have used ALL the operating systems on planet Earth except for Mac OS X, and I have NEVER been virused, not even once, since 1993! Never ever. And yes, I have been exposed to plenty of malware!

(OK, I have also been using dozens of Linux distros, NetBSD, FreeBSD, etc. But I still had a Windows somewhere. Except for some 6 months, always.)

FYI, when I have used a commercial AV solution (e.g. Panda, Kaspersky) or a commercial version of an AV, I've always PAID for it (or I have legally used a graciously offered 6-mo or 1-yr license; offered by *them*, not online). It's stupid to crack your security solution!

Yet, false positives are pissing me off. ALWAYS.

I once had a collection of keygens I'VE NEVER USED, just to test how the major AV reacted to each of them (not only VisusTotal.com, but the actual AV experience). This is how I discovered that BitDefender wouldn't allow me to configure it to ASK me what to do, because BitDefender just wanted to delete (not quarantine, but delete) a specific keygen BEFORE telling me "hey, I deleted a malware"! (Maybe that one was used to crack their own AV? I dunno.)

It is my right to archive files and I want a security solution to give me *competent* estimates, not wild guesses. I'd also prefer to have the choice of what to do -- default actions often suck.

(Off-topic: how many people would actually pay $59.95 for a text editor such as UltraEdit? The "correct" price would me more like $19.95 IMHO... OTOH, TextEdit can be used "as shareware", it's fully functional indefinitely, the registration only removes the splash screen AFAIK. And AptEdit Lite is 100% free.)

Offline Mr.Agent

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 2769
  • Proud to be an avast! user.
Re: Packed keygens: who does Avast "know" which one to ignore?
« Reply #20 on: October 05, 2010, 03:12:09 PM »
I have to take extra precautions to archive my keygens -- which are less than 10, but I still want to have them, just in case...
Make avast exceptions (or put all of them in a folder and make an exception).

+1 Best answer without fighting. Nice one Tech i alway like you because your so simple.

But beranger i want to teach you something. Just beware when you surf in these sites ok mate ? Just be sure that you wont get infected, others ways dont blame avast! to dont have warning you before.

Also maybe just to scan on VirusTotal.com wont maybe show you all presents inside the file(s). Sometimes the virus can be hidden or mores...

Also if your there to judge others to say they are "idiots", "morons" or anythings elses. Then the door is open for you. We are there for help peoples no to judge or make a conflict between something. So if your that kind of person im invite you to revise your texts before posting. So you can think if its can offense someone or no. Also this is for all peoples that is concerned.

Thats all, stay safe guys/girls.

Mr.Agent
« Last Edit: October 05, 2010, 03:23:56 PM by Mr.Agent »

Offline beranger

  • Newbie
  • *
  • Posts: 11
Re: Packed keygens: who does Avast "know" which one to ignore?
« Reply #21 on: October 05, 2010, 03:28:24 PM »
+1 Best answer without fighting. Nice one Tech i alway like you because your so simple.
Everyone knows that. The problem is, exceptions work only with the on-demand scan, not with the resident on-access shield.

But beranger i want to teach you something. Just beware when you surf in these sites ok mate ? Just be sure that you wont get infected others ways dont blame avast! to dont have warning you before.
As I previously said, I personally have never been infected, so I couldn't even blame anyone for something that never happened!

Also maybe just to scan on VirusTotal.com wont maybe show you all presents inside the file(s). Sometimes the virus can be hidden or mores...
Absolutely.

Also if your there to judge others to say they are "idiot", "morons" or anythings elses.
But they are. This is not a court of law, and even if it was, intellectual property infringement must be proved. I was simply asking a technical question about false positives and they're acting like the prosecutor's office!

Offline Mr.Agent

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 2769
  • Proud to be an avast! user.
Re: Packed keygens: who does Avast "know" which one to ignore?
« Reply #22 on: October 05, 2010, 03:32:23 PM »
1. Go on the Files Shield > Expert Settings > Exclusions.

2. Well just in case that its happen.

4. We are no in a court but the respect is not only in a court its also every places that you see and any persons between you. Now i talk to you no the others and i think the others did understand now. If not then be more mature than them then dont insult them and leave the subject.

Mr.Agent

Offline beranger

  • Newbie
  • *
  • Posts: 11
Re: Packed keygens: who does Avast "know" which one to ignore?
« Reply #23 on: October 05, 2010, 03:40:38 PM »
1. Go on the Files Shield > Expert Settings > Exclusions.
Thanks! I dunno why I was given the impression that exclusion only work with on-demand...

Offline Mr.Agent

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 2769
  • Proud to be an avast! user.
Re: Packed keygens: who does Avast "know" which one to ignore?
« Reply #24 on: October 05, 2010, 03:43:02 PM »
Its just a first look on the settings and we can find it. ;) No problem.

Also if you wanna be sure its a false positive u can send the file to the chest and send to avast! so they check it and confirm it. Only if you want.

Mr.Agent

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 83749
  • No support PMs thanks
Re: Packed keygens: who does Avast "know" which one to ignore?
« Reply #25 on: October 05, 2010, 04:02:12 PM »
1. Go on the Files Shield > Expert Settings > Exclusions.
Thanks! I dunno why I was given the impression that exclusion only work with on-demand...

Well if you have no intention of actually using them (as you stated earlier) then you would only need to exclude from on-demand not on-access scans.
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 2004 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 20.7.2425 (build 20.7.5568.595) UI-1.0.558/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro

Offline beranger

  • Newbie
  • *
  • Posts: 11
Re: Packed keygens: who does Avast "know" which one to ignore?
« Reply #26 on: October 05, 2010, 04:04:51 PM »
Well if you have no intention of actually using them (as you stated earlier) then you would only need to exclude from on-demand not on-access scans.
Manipulating the archive folders (on an external HDD) would trigger the on-access scan.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 83749
  • No support PMs thanks
Re: Packed keygens: who does Avast "know" which one to ignore?
« Reply #27 on: October 05, 2010, 04:18:35 PM »
But, as you said you aren't going to use them so why manipulate the archive. I can open an archive, but without extracting the contents (creation of a new file on the HDD) avast doesn't alert on the default settings. Archives are inert and as such don't present an immediate risk.

So the file system shield doesn't scan them unless you extract and try to run the contents, or increase the sensitivity, change the, scan when opening, packers,  actions, etc. to scan all files in the file system shield expert settings.
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 2004 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 20.7.2425 (build 20.7.5568.595) UI-1.0.558/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro

Offline beranger

  • Newbie
  • *
  • Posts: 11
Re: Packed keygens: who does Avast "know" which one to ignore?
« Reply #28 on: October 05, 2010, 04:29:56 PM »
But, as you said you aren't going to use them so why manipulate the archive. I can open an archive, but without extracting the contents (creation of a new file on the HDD) avast doesn't alert on the default settings. Archives are inert and as such don't present an immediate risk.

So the file system shield doesn't scan them unless you extract and try to run the contents, or increase the sensitivity, change the, scan when opening, packers,  actions, etc. to scan all files in the file system shield expert settings.

By "archive" I mean "archived/stored/saved files", NOT "compressed archives"!

So moving a file from HDD1 to HDD2 involves creating a file on HDD2. Normally, this should be scanned. All the decent antiviruses do that (even the indecent ones)!

I am also rearchiving contents from older CD/DVDs to newer ones and all I care is to make a copy of them, not to have files deleted. Of course, I could disable avast during this, but as a general rule... I don't like False Positives!

Offline Aethec

  • Jr. Member
  • **
  • Posts: 80
Re: Packed keygens: who does Avast "know" which one to ignore?
« Reply #29 on: October 05, 2010, 05:46:03 PM »
If the detection rate on your keygens is more than 50% of all AVs, how do you know they are clean? The fact you didn't notice suspicious activity doesn't mean there is none.  ;)