How " good " are these anti malware programs ?

Discussion in 'malware problems & news' started by linp, Nov 11, 2008.

Thread Status:
Not open for further replies.
  1. linp

    linp Registered Member

    Joined:
    Aug 29, 2007
    Posts:
    70
    After reading various threads i decided to try some apps.
    I got a crack from usenet and scanned it with :Malwarebytes' Anti-Malware ,SuperAntispyware, Trojanremover and Spybot ;
    none off these apps found anything suspicious.
    I then uploaded this file to " virustotal" here is the result :
    ~Virus Total link removed per Policy. - Ron~
    And to :http://www.threatexpert.com/report.aspx?md5=9c6aed9f1b4ec0947069ad4f70bc13a6
    Any thoughts on this ?
    Lin
    EDIT : i presume Threatfire is from the same company as the above link since thera is a link on that page to Threatfire , i dl this app , and a scan found nothing suspicious.............
    My resident Av ,Nod 32 2.7 ,it found the malware,
     
    Last edited by a moderator: Nov 11, 2008
  2. lordpake

    lordpake Registered Member

    Joined:
    Aug 7, 2004
    Posts:
    563
    Location:
    Helsinki ~ European Union
    So you found something they don't currently detect? No application can detect 100% of malware out there.

    Be a good sport and go submit the samples :)
     
  3. linp

    linp Registered Member

    Joined:
    Aug 29, 2007
    Posts:
    70
    I don't mind submitting the files ,but 6 renowned apps missing this ,makes me think .
    I just dl another crack ,only Nod found it " Futuremark PCMark05 Advanced v1.0.1(Working Keygen).exe - probably a variant of Win32/Injector.DW trojan "
    and Threatexpert :http://www.threatexpert.com/report.aspx?md5=81eaa0640891b5e31260e098cbfa2397
     
  4. swami

    swami Registered Member

    Joined:
    Mar 24, 2006
    Posts:
    171
    How do you know they are malwares? Many companies flag innocent keygens and cracks.
     
  5. ThunderZ

    ThunderZ Registered Member

    Joined:
    May 1, 2006
    Posts:
    2,459
    Location:
    North central Ohio, U.S.A.

    I guess it depends on your definition of "innocent". :rolleyes:

    If all the keygen does is create a key\write it to your system for a particular program then I guess it could be said to be innocent. Still illegal though. :p
    So, should it be flagged? o_O
    What parameters do anti-malware programs use to decide?
    Is it there job to only protect your system or others software products as well? :cautious:

    Very close to going off topic here so I will take my leave. :blink:
     
  6. linp

    linp Registered Member

    Joined:
    Aug 29, 2007
    Posts:
    70
    If you have a look at the link i gave you see that the scan reveals a trojan ; " Trojan.Vundo consists of the following components:
    * HTML code that exploits the Microsoft Internet Explorer Malformed IFRAME Remote Buffer Overflow Vulnerability (BID 11515)
    * A downloader component
    * Adware
    * A DLL module that is installed by the adware "
    I realize many cracks etc get flagged because of heuristics , it would then be a false positive indeed if all it does is alter the exe of the intended target.
     
Loading...
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.