trojan test

just wanted to thank everyone for the great info found here which helped me to pick out best virus/trojan software (kapersky,boclean,tds)

I know it is only one sample, but the following pic is an (in the wild) test on jotti

my own scan of the file is as follows

tds - trojan
trojanhunter - nothing found
boclean - trojan (love that single file scan trick)
ewido (free) - nothing found

 

Did you execute the sample? (Otherwise the test is not valid.)

 

True, a number of AT tests show that most AT's total detection rate depends on a combination of both real time and file scanning.

Ie what a AT may not pick up as a filescan it may pick up when the trojan is executed.

 

It's not detected by ewido because it's a Wise Installer which we currently cannot unpack. Once executed the dropped trojan is detected without any problems. Also comparing free to paid versions is really fair...

 

What's the difference between the ewido free and pay as far as the detection rate/engine/etc. goes? I would think the pay offers real-time protection and automatic updates, but that the scanning engine and detection rate would still be the same for both......

 

None... The difference is how the nasty gets detected. If the on demand scan fails (e.g. it fails when a trojan is hidden inside a setup like in this case) the guard catches it once it gets dropped and tries to start.