Do you trust your Antivirus?

Discussion in 'other anti-virus software' started by IBK, Sep 16, 2014.

  1. IBK

    IBK AV Expert

    Joined:
    Dec 22, 2003
    Posts:
    1,819
    Location:
    Innsbruck (Austria)
  2. guest

    guest Guest

    Thanks, this is interesting. I didn't actually expect PC Mag to have a good article like this one. =V
     
  3. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    Well said Mr Rubenking. :thumb:

    This is good because all people doesn't read through Wilders or other security forums where this particular "product" have been discussed to death several times.

    Thanks IBK!
     
  4. clocks

    clocks Registered Member

    Joined:
    Aug 25, 2007
    Posts:
    2,559
    Tiranium isn't the only security program to utilize VirusTotal.
     
  5. guest

    guest Guest

    Well, the problem is Tiranium is being suspected to violate VT's ToS. Hence the investigation by Mr. Rubenking.
     
  6. malware1

    malware1 Registered Member

    Joined:
    May 26, 2014
    Posts:
    133
    Which one for example?
     
  7. SLE

    SLE Registered Member

    Joined:
    Jun 30, 2011
    Posts:
    361
    You can see a more or less orientation for others, too. For some it depends "who" detects the file and the a signature is simply created cause of others detection or this file is analysed with some priority. Common practice that vendors watch each other or scan with each other (often also in-house...)

    When I create f.e. a harmless file which isn't able to run but triggers a VT false detection from (only) Kaspersky all i have to do is to wait some time and rescan it on VT. It doesn't take long and Quihoo (Trojan.Generic is a name that is given for that) detects it, but also Tencent and Antiy-AVL are very quick (and they use even the detection name of the KL-FP).
     
  8. malware1

    malware1 Registered Member

    Joined:
    May 26, 2014
    Posts:
    133
    You misunderstood the article. There are more AV vendors that use only detections from VT, not all really analyse samples (see Baidu for example). There's a human or an automated system that checks latest files so detections are often copied.

    It's currently done by almost all scanners available at VT.

    The difference is that their AV doesn't connect directly to VT and say 'clean' or 'malware' based only on the scan report.

    Tiranium connects to VT on their servers and detects the file if there are enough detections.
     
  9. SLE

    SLE Registered Member

    Joined:
    Jun 30, 2011
    Posts:
    361
    No no, i understood :)

    My example was because of your re-question @clocks who else utilizes VT. Sorry I don't understand utilize in a form that implicies direct connection.

    But the funny thing about the detection copying (what many do - for years) is that so many AVs detect useless crap and so many users believe that crap is malware...strange circle!
     
  10. clocks

    clocks Registered Member

    Joined:
    Aug 25, 2007
    Posts:
    2,559
    Based on the thread on this forum, it would appear that SecureAPlus program does.
     
  11. malware1

    malware1 Registered Member

    Joined:
    May 26, 2014
    Posts:
    133
    I thought it's just their own multi-engine scanning, are you sure it's VT?

    Crystal Security also uses VT, but it was allowed.
     
  12. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,633
    Location:
    U.S.A. (South)
    Darn right I do. First AV I ever did trusted fully to do what it claims at a high percentage level without petering out over time. Even if Qihoo backdoored my entire file inventory, they are very welcome to it because it's detections and captures certainly have far outweighed any potential privacy concerns I might have. :thumb:
     
  13. Wroll

    Wroll Registered Member

    Joined:
    Nov 29, 2011
    Posts:
    549
    Location:
    Italy
    Only when cleaning PCs.
     
  14. Austerity

    Austerity Registered Member

    Joined:
    Jun 21, 2013
    Posts:
    367
    Location:
    Georgia / USA
    Which Qihoo product do you trust so much? 360 Internet Security is future abandonware.
     
  15. Veeshush

    Veeshush Registered Member

    Joined:
    Mar 16, 2014
    Posts:
    643
    There's also some Android borderline malware that uses Virustotal to boost its false positive detection rate while then asking users to pay to have said detections removed. I can't remember the name of the one I stumbled on, but I assume there's tons of them around.
     
  16. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    5,240
    This has not confirmed for sure yet.
     
  17. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,468
    Interesting article. Read it completely!
     
  18. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
  19. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,064
    Sad, but true.
     
  20. qakbot

    qakbot Registered Member

    Joined:
    Aug 25, 2010
    Posts:
    380
    Quite the whackjob. Definitely don't want anything from such a guy running on my computer. Reminds me of Comodo :)
     
Loading...