OK, so I must admit I’m starting to become more annoyed with antivirus vendors as the days go on. Today the vendor of choice on my day job computer decided to catch the malicious code I had on my system.
Wunderbar!
Wait, wait…no. Last time I checked, OllyDbg is not a trojan. It seems my AV client is getting dumber by the day. More and more the AV is “catching” shadows on the sidewalk. It sees what “might” be malicious code and sounds the alarm. But, time and again, it is a legitimate file with no virus/trojan/remailer/et cetera to be found. And I am getting tired of it. Every time one of these false alarms is sounded there is a triage exercise that is initiated and the ensuing investigation. All of this takes time and, well, let’s be honest, money. The costs of these types of investigations are mounting and I’m getting a little tired of it.
What’s your malware detection client of choice and why? Care to share?
[UPDATE] Feb 6, 2008: Billy Hoffman has noticed some interesting behaviour as well.