AV Hueristics & rambling

Discussion in 'other anti-virus software' started by Firefighter, Nov 25, 2005.

Thread Status:
Not open for further replies.
  1. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland
    Re: Here's a question for you all

    Can you name more than one av that has better heuristics than DrWeb? At least in Jotti's this second best heuristics and the second best update frequency combo works pretty well! :cool:

    Best regards,
    Firefighter!
     

    Attached Files:

    Last edited: Nov 25, 2005
  2. OeR

    OeR Guest

    Re: Here's a question for you all

    A lot of false positives and corrupted files in this test.. Its impossible to analise a detection rate of an antivirus using jotti statistics.
     
  3. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland
    Re: Here's a question for you all

    Did you mean like these? ;)

    Best regards,
    Firefighter!
     

    Attached Files:

  4. Farbod

    Farbod Registered Member

    Joined:
    Nov 10, 2005
    Posts:
    88
    Re: Here's a question for you all

    NOD32, drweb only has generic heuristic :D
     
  5. OeR

    OeR Guest

    Re: Here's a question for you all

    Maybe, who knows?
     
  6. Farbod

    Farbod Registered Member

    Joined:
    Nov 10, 2005
    Posts:
    88
    Re: Here's a question for you all

    Yes, I can. We STOP outbreaks with that. :D good?;)

    meanwhile, loweset fp is for nod32
     
  7. Farbod

    Farbod Registered Member

    Joined:
    Nov 10, 2005
    Posts:
    88
    Re: Here's a question for you all

    It is better that you insert here VirusTotal snapshots...
     
  8. OeR

    OeR Guest

  9. OeR

    OeR Guest

  10. OeR

    OeR Guest

  11. Stan999

    Stan999 Registered Member

    Joined:
    Sep 27, 2002
    Posts:
    566
    Location:
    Fort Worth, TX USA
    Re: Here's a question for you all

    Geez FF! You used to post all sorts of screen captures, statistics for the
    various AVs, and conclusions from your own samples which had a lot of
    bad files. After IBK finally got you to clean all that up you are now doing
    the same thing again using Jotti's site from which you have no idea if the
    samples are good or not.
     
  12. Stan999

    Stan999 Registered Member

    Joined:
    Sep 27, 2002
    Posts:
    566
    Location:
    Fort Worth, TX USA
    Re: Here's a question for you all


    How would anyone know for sure unless they had the specific samples used?

    How do you know all the ones you used for your reports are good or not?
     
  13. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland
    Re: Here's a question for you all

    Sorry even more. I just couldn't attach these pics. o_O

    Best regards,
    Firefighter!

    PS. Decreased the size and I succeed.
     

    Attached Files:

    Last edited: Nov 26, 2005
  14. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland
    Re: Here's a question for you all

    Even more pics.

    Best regards,
    Firefighter!
     

    Attached Files:

  15. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland
    Re: Here's a question for you all

    And once more!

    Apparently at least these 9 snapshots were clean? :)

    Best regards,
    Firefighter!
     

    Attached Files:

  16. Stan999

    Stan999 Registered Member

    Joined:
    Sep 27, 2002
    Posts:
    566
    Location:
    Fort Worth, TX USA

    But how do you know all the ones you used for your reports are good or not?

    https://www.wilderssecurity.com/showthread.php?p=616031#post616031
     
  17. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland

    Attached Files:

    Last edited: Nov 26, 2005
  18. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland

    Attached Files:

    Last edited: Nov 26, 2005
  19. Farbod

    Farbod Registered Member

    Joined:
    Nov 10, 2005
    Posts:
    88
    Dear Firefighter,

    Sorry but I must ask you:

    Is it a bad thing?

    Are you sure they are FP?

    Are you a malware analyst?

    Have you seen yet any 100% FP?

    Have you seen yet any Proactive detection?

    Have you seen yet any RU files?

    And do you want I attach a file which is really FP?

    Signature: :ninja:
     
  20. TNT

    TNT Registered Member

    Joined:
    Sep 4, 2005
    Posts:
    948
    Oh, really? And what exactly are they?
     
  21. Pru

    Pru Guest

    FF... come on!

    you can´t say its a false positive or not.... ´cause you don´t know!
     
  22. TNT

    TNT Registered Member

    Joined:
    Sep 4, 2005
    Posts:
    948
    Have you analyzed their behavior? Are you a virus researcher? What makes all these "false positives"? Have you contacted Kaspersky explaining that they are false positives and why? Unless you have done at least some of this, you have not credibility whatsoever. Sorry.
     
  23. Brian N

    Brian N Registered Member

    Joined:
    Jul 7, 2005
    Posts:
    2,174
    Location:
    Denmark
    NOD32 has the best heuristics if you look at the real comparisons, not these jotti tests, which is basically the same as the 10 sample home tests, all using dos viruses of course! :rolleyes: :rolleyes:
     
  24. POStMASter

    POStMASter Guest

  25. BlueZannetti

    BlueZannetti Registered Member

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    To all:

    How about we try to refrain from making comments of a personal nature?

    Thanks,

    Blue
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.