How " good " are these anti malware programs ?

Discussion in 'malware problems & news' started by linp, Nov 11, 2008.

Thread Status:
Not open for further replies.
  1. linp

    linp Registered Member

    Joined:
    Aug 29, 2007
    Posts:
    70
    After reading various threads i decided to try some apps.
    I got a crack from usenet and scanned it with :Malwarebytes' Anti-Malware ,SuperAntispyware, Trojanremover and Spybot ;
    none off these apps found anything suspicious.
    I then uploaded this file to " virustotal" here is the result :
    ~Virus Total link removed per Policy. - Ron~
    And to :http://www.threatexpert.com/report.aspx?md5=9c6aed9f1b4ec0947069ad4f70bc13a6
    Any thoughts on this ?
    Lin
    EDIT : i presume Threatfire is from the same company as the above link since thera is a link on that page to Threatfire , i dl this app , and a scan found nothing suspicious.............
    My resident Av ,Nod 32 2.7 ,it found the malware,
     
    Last edited by a moderator: Nov 11, 2008
  2. lordpake

    lordpake Registered Member

    Joined:
    Aug 7, 2004
    Posts:
    563
    Location:
    Helsinki ~ European Union
    So you found something they don't currently detect? No application can detect 100% of malware out there.

    Be a good sport and go submit the samples :)
     
  3. linp

    linp Registered Member

    Joined:
    Aug 29, 2007
    Posts:
    70
    I don't mind submitting the files ,but 6 renowned apps missing this ,makes me think .
    I just dl another crack ,only Nod found it " Futuremark PCMark05 Advanced v1.0.1(Working Keygen).exe - probably a variant of Win32/Injector.DW trojan "
    and Threatexpert :http://www.threatexpert.com/report.aspx?md5=81eaa0640891b5e31260e098cbfa2397
     
  4. swami

    swami Registered Member

    Joined:
    Mar 24, 2006
    Posts:
    167
    How do you know they are malwares? Many companies flag innocent keygens and cracks.
     
  5. ThunderZ

    ThunderZ Registered Member

    Joined:
    May 1, 2006
    Posts:
    2,459
    Location:
    North central Ohio, U.S.A.

    I guess it depends on your definition of "innocent". :rolleyes:

    If all the keygen does is create a key\write it to your system for a particular program then I guess it could be said to be innocent. Still illegal though. :p
    So, should it be flagged? o_O
    What parameters do anti-malware programs use to decide?
    Is it there job to only protect your system or others software products as well? :cautious:

    Very close to going off topic here so I will take my leave. :blink:
     
  6. linp

    linp Registered Member

    Joined:
    Aug 29, 2007
    Posts:
    70
    If you have a look at the link i gave you see that the scan reveals a trojan ; " Trojan.Vundo consists of the following components:
    * HTML code that exploits the Microsoft Internet Explorer Malformed IFRAME Remote Buffer Overflow Vulnerability (BID 11515)
    * A downloader component
    * Adware
    * A DLL module that is installed by the adware "
    I realize many cracks etc get flagged because of heuristics , it would then be a false positive indeed if all it does is alter the exe of the intended target.
     
Loading...
Thread Status:
Not open for further replies.