VirusInfo January 2009 comparative

Discussion in 'other anti-virus software' started by xpsunny, Feb 6, 2009.

Thread Status:
Not open for further replies.
  1. xpsunny

    xpsunny Registered Member

    Joined:
    Jul 16, 2006
    Posts:
    163
  2. Thankful

    Thankful Savings Monitor

    Joined:
    Feb 28, 2005
    Posts:
    3,736
    Location:
    New York City
  3. xpsunny

    xpsunny Registered Member

    Joined:
    Jul 16, 2006
    Posts:
    163
  4. harlan4096

    harlan4096 Registered Member

    Joined:
    May 6, 2008
    Posts:
    113
    Location:
    Almería (Spain)
  5. firzen771

    firzen771 Registered Member

    Joined:
    Oct 29, 2007
    Posts:
    4,815
    Location:
    Canada
    lol microsoft? can u say someones been payed off?
     
  6. dawgg

    dawgg Registered Member

    Joined:
    Jun 18, 2006
    Posts:
    817
    From what I've seen when uploading samples in VT, Microsoft doesnt do too bad with detections, especially with fairly new malware/0-days... see quiet a few .gen!# detections from it.
     
  7. Smokey

    Smokey Registered Member

    Joined:
    Apr 1, 2002
    Posts:
    1,513
    Location:
    Annie's Pub
    IBK and others explained it several times very clear: using Virustotal to compare detection rates is wrong. So this (new) Virusinfo test isn't reliable at all.

    <S>
     
  8. firzen771

    firzen771 Registered Member

    Joined:
    Oct 29, 2007
    Posts:
    4,815
    Location:
    Canada
    ye ur statement is pretty obvious just by looking at the test results...
     
  9. TechOutsider

    TechOutsider Registered Member

    Joined:
    Sep 26, 2008
    Posts:
    549
    "b) heuristic detection (detecting yet unknown malware by the method of emulation / code analysis / etc. Examples: "Heur.Trojan.Generic"; "a variant of: XXXXX") "

    Can't you also heruistically match an mutated sample of malware to an existing signature? Does it have to be something like "Suspicious.AH.65" or "heru.gen"?

    As for MS, it does great when it comes to rouges on VT.

    But then, VT uses Symantec Corporate 10.x. Already superseeded by 11.
     
  10. EraserHW

    EraserHW Malware Expert

    Joined:
    Oct 19, 2005
    Posts:
    588
    Location:
    Italy
    Sure, generic signatures are heuristic detection too
     
  11. Fly

    Fly Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    2,069
    Sunbelt (VIPRE or Counterspy o_O) doesn't seem to be doing well.

    I wonder what exactly they have tested. I was actually considering moving to VIPRE. Currently on McAfee, VIPRE doesn't compare favorably to that.
    Of course, these tests have their limitations. I didn't read the specifics.
     
  12. Malcontent

    Malcontent Registered Member

    Joined:
    Dec 30, 2005
    Posts:
    451
    Location:
    Cleveland, Ohio USA
    http://sunbeltblog.blogspot.com/2009/01/bit-of-vipre-roadmap.html
     
  13. TechOutsider

    TechOutsider Registered Member

    Joined:
    Sep 26, 2008
    Posts:
    549
    How often each ind. virus scanner on VT is updated? Does each AV just update itself on its own accord, or are they all updated at a set time?
     
  14. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
    Totally not reliable test. :)
     
  15. dawgg

    dawgg Registered Member

    Joined:
    Jun 18, 2006
    Posts:
    817
    Every few hours normally - http://www.virustotal.com/estadisticas.html (scroll down to "Recent updates")
     
  16. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408
    That pretty much sums it up.
     
  17. Eice

    Eice Registered Member

    Joined:
    Jan 22, 2009
    Posts:
    1,413
    Not really, but it still gives us a good idea of how things are. Many installed products produce identical results to their counterparts installed on VT, and for those that don't, the difference is often minor. The test isn't accurate to the last decimal, if you want to get picky about that, but that doesn't mean it's not an acceptably decent approximate.
     
  18. Eice

    Eice Registered Member

    Joined:
    Jan 22, 2009
    Posts:
    1,413
    Have you seen how well MS performs on Renos/FakeAlert variants lately?

    Have you anything useful to contribute other than the same tired old anti-MS rhetoric?
     
  19. TechOutsider

    TechOutsider Registered Member

    Joined:
    Sep 26, 2008
    Posts:
    549
    Yep. Just got a "renos" detection yesterday. And at least 5 other times in the past weeks.

    MS is getting better; I even use their OneCare online scan to remove malware.

    Ha, and VT even considers a "Error scanning file" message or a "password-protected achieve" from Kaspersky as infected. Not very sophisticated.

    And VT also has a graph showing "failures in detection". I don't think that is very accurate.
     
  20. dawgg

    dawgg Registered Member

    Joined:
    Jun 18, 2006
    Posts:
    817
    Depends on how acceptable acceptable is ;)
    I personally dont take much notice of this one...
    1. VT IMO isnt an accurate approximation of detection abilities (at least not accurate enough for my likeing)
    2. Malware sample collection method is flawed (read into the methodology and come to your own conclusions regarding that)
     
  21. Killtek

    Killtek Registered Member

    Joined:
    Feb 22, 2007
    Posts:
    100
    What version of Norton are they using? And why are they using PrevX 1?
     
  22. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,853
    I don't believe in these crappy tests, but I wanted to say that Microsoft have been doing brilliantly well lately, better than Network Associates and Symantec.
     
  23. DjMaligno

    DjMaligno Hispasec/VirusTotal

    Joined:
    Feb 22, 2005
    Posts:
    63
    Location:
    Spain
    This is starting to get boring. It has been said many times that comparatives based on VT are not accurate enough, and you keep posting them again and again. It is a complete waste of time, and reading this threads keeps bringing me a deja-vù sensation.
     
  24. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,875
    Location:
    New England
    Since that is a statement by the guy from VirusTotal himself, we'll close this thread here.

    This subject has been covered over and over indeed. Thanks, DjMaligno.
     
Loading...
Thread Status:
Not open for further replies.