ESET's VB100 run at an end...

Discussion in 'other anti-virus software' started by i_kenefick, Oct 19, 2006.

Thread Status:
Not open for further replies.
  1. i_kenefick

    i_kenefick Registered Member

    Joined:
    Nov 29, 2005
    Posts:
    135
    Location:
    Cork, Ireland.
    Well, according to this http://www.bitdefender.com/NW301-en--BitDefender-10-Becomes-the-Only-Security-Software-to-Accurately-Detect-100-of-Malware-in-Performance-Tests.html a detection which was thought to be a clean file which denied BitDefender a VB100 was actually malware... so only BitDefender gets the VB100 now?

    Well not really. It looks like the determining factor was a detection for a 'hacktool' or 'potentially unwanted program/application'. So ESET's run of 100% detection in VB100 tests continues :)
     
    Last edited: Oct 19, 2006
  2. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    7,927
    Location:
    The land of no identity :D
    And its a good thing too, because I knew about this for a while now, but the way you had initially posted it is certain to have caused quite a lot of sweaty heads in the world. :D
     
  3. wir.sing

    wir.sing Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    60
    Last edited: Oct 19, 2006
  4. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006

    that video is great IMO.
     
  5. dan_maran

    dan_maran Registered Member

    Joined:
    Aug 30, 2004
    Posts:
    1,053
    Location:
    Stamford, CT
    Last edited: Oct 19, 2006
  6. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    7,927
    Location:
    The land of no identity :D
    Yes it was, but that time it was VB100's point of view and now its BitDefender's point of view. :D
     
  7. FRug

    FRug Registered Member

    Joined:
    Feb 7, 2006
    Posts:
    309
    I wonder what makes them think that this is worth a press release. The same applies to Avira AntiVir, which found a non-false positive in the last VB test, which also no other AV Software found (not even Bitdefender btw...), but that has got nothing to do with the VB100 Award, since the file in question (both in the bitdefender case as well as the avira case) was not in the ITW set. A miss in the other sets or, in this case the false positive set where the malware accidentally ended up, does not cause a failure of the test.
    To me it seems somewhat desperate to make a press release over that. Just read the title which says "BitDefender 10 Becomes the Only Security Software to Accurately Detect 100% of Malware in Performance Tests". You'll get my point. Should Avira now make a press release about all the other competitors missing a zipped file infector virus in the 'Clean' set?
     
  8. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland
    Of course, that's the job for an av. :D Thumbs up to AVIRA and the others may fall into the "hall of shame"! :thumb:

    Best regards,
    Firefighter!
     
  9. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
    Well, good for BD ;) But I'm sure ESET added it too in the mean time.
     
  10. Inspector Clouseau

    Inspector Clouseau AV Expert

    Joined:
    Apr 2, 2006
    Posts:
    1,329
    Location:
    Maidenhead, UK
    There is no need to add a "hack tool" urgently to virus detections. It's as much dangerous as fly **** on your monitor!
     
  11. dan_maran

    dan_maran Registered Member

    Joined:
    Aug 30, 2004
    Posts:
    1,053
    Location:
    Stamford, CT
    IMO Hacktools shouldn't be included. They as the Inspector said are harmless.
    They should be in the PUP category.

    Personally I get irritated when AV's detect hack tools.
     
  12. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    7,927
    Location:
    The land of no identity :D
    Especially when they detect mostly harmless tools as Riskware. Would you believe it if Dr.Web detects gkweb's WGA Notification Removal Tools as "Tool.WGARemove"? o_O

    But some riskware are detected for good reasons. IMO the riskware detection should indeed be there but it should be left disabled by default in any AV with an option to enable it if the user wishes to.
     
  13. i_kenefick

    i_kenefick Registered Member

    Joined:
    Nov 29, 2005
    Posts:
    135
    Location:
    Cork, Ireland.
    Well yeah... but then again lots of vendors detect the Magic Jelly Bean Keyfinder. It's retarded that a vendor adds detection for something so harmless.
     
  14. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
    Well, then it's another great news filling BD website... for nothing...
    HackTools are indeed not important. :)
     
  15. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    7,927
    Location:
    The land of no identity :D
    Also, the definiton of a Riskware/HackTool will vary slightly from vendor to vendor. What BitDefender may call a hacktool may not necessarily be riskware for some other vendor.

    Who knows, maybe BitDefender added detection for that file as a hacktool in a desperate attempt to gain a VB100 award? ;)
     
  16. kjempen

    kjempen Registered Member

    Joined:
    May 6, 2004
    Posts:
    379
    Harmless? o_O

    So by this comment are you also stating that it would be ok if someone installed a CD-key viewer on your PC, even without your knowledge, to borrow some CD-keys from your programs? And you wouldn't be annoyed that your AV had the detection of this and could have stopped it, but you wanted the detection removed from their defs so they did?

    In theory, it shouldn't be too hard to run this keyfinder hidden (just use another riskware known as "HideWindows" for example).

    Sorry, but I want my AV to alert me of use of such applications (whether you think it's retarded or not).
     
  17. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland
    I thought the hacktool sample was in the "clean" sample set, so when you scan the set, you can have a real right result, as infected by one sample, or wrong, but in this case maybe acceptable result, all clean. It's up to you.

    Best regards,
    Firefighter!
     
Loading...
Thread Status:
Not open for further replies.