why perform virustotal-based av tests?

Discussion in 'other anti-virus software' started by ronjor, Dec 5, 2008.

Thread Status:
Not open for further replies.
  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,768
    Location:
    Texas
    Kurt Wismer
     
  2. mauricev

    mauricev Registered Member

    Joined:
    Apr 15, 2008
    Posts:
    43
  3. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,768
    Location:
    Texas
    Good point. I'll look at this suggestion.
     
  4. normishmael

    normishmael Guest

    This kind of thing does make me scratch my head a bit.
    This is a really bad dude.
    load it up in a virtual machine and watch your icon bar fill up
    with flashing lights and more pop-ups than Orville Redenbacher.

    Antivirus Version Last Update Result
    AhnLab-V3 2008.12.6.0 2008.12.06 -
    AntiVir 7.9.0.42 2008.12.05 TR/Crypt.ULPM.Gen
    Authentium 5.1.0.4 2008.12.06 -
    Avast 4.8.1281.0 2008.12.06 -
    AVG 8.0.0.199 2008.12.06 -
    BitDefender 7.2 2008.12.07 Trojan.Peed.Gen
    CAT-QuickHeal 10.00 2008.12.06 (Suspicious) - DNAScan
    ClamAV 0.94.1 2008.12.06 -
    Comodo 698 2008.12.06 -
    DrWeb 4.44.0.09170 2008.12.07 -
    eSafe 7.0.17.0 2008.12.04 Suspicious File
    eTrust-Vet 31.6.6245 2008.12.05 -
    Ewido 4.0 2008.12.06 -
    F-Prot 4.4.4.56 2008.12.04 -
    F-Secure 8.0.14332.0 2008.12.07 Suspicious:W32/Malware!Gemini
    Fortinet 3.117.0.0 2008.12.07 -
    GData 19 2008.12.07 Trojan.Peed.Gen
    Ikarus T3.1.1.45.0 2008.12.07 Trojan.Zlob
    K7AntiVirus 7.10.547 2008.12.06 -
    Kaspersky 7.0.0.125 2008.12.07 -
    McAfee 5456 2008.12.06 New Malware.fa
    McAfee+Artemis 5456 2008.12.06 New Malware.fa
    Microsoft 1.4205 2008.12.07 -
    NOD32 3668 2008.12.06 a variant of Win32/Kryptik.CG
    Norman 5.80.02 2008.12.05 -
    Panda 9.0.0.4 2008.12.06 Suspicious file
    PCTools 4.4.2.0 2008.12.06 -
    Prevx1 V2 2008.12.07 -
    Rising 21.06.60.00 2008.12.07 Packer.Win32.VmpPacker.c
    SecureWeb-Gateway 6.7.6 2008.12.07 Trojan.Crypt.ULPM.Gen
    Sophos 4.36.0 2008.12.07 Mal/EncPk-GA
    Sunbelt 3.1.1832.2 2008.12.01 -
    Symantec 10 2008.12.07 -
    TheHacker 6.3.1.2.179 2008.12.06 -
    TrendMicro 8.700.0.1004 2008.12.05 PAK_Generic.001
    VBA32 3.12.8.10 2008.12.06 suspected of Malware-Cryptor.Win32.General.3
    ViRobot 2008.12.6.1504 2008.12.06 -
    VirusBuster 4.5.11.0 2008.12.05 -

    About 50/50 now does this lead me to say Avast!, for example is bad?
    No,If so,I would not have it on a machine.
    Does it mean that Avira is perfect?
    No,without it's heuristics false positives I would never have become such
    a regular at Virus-Total.
    It is really puzzling though.
     
  5. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,768
    Location:
    Texas
    I am going to leave this post as is. mauricev has provided links to similar posts but the subject of those posts is somewhat different than strictly using Virus Total to rate antivirus products on detection capabilities.

    Take a look at this link normishmael. http://blog.hispasec.com/virustotal/22

    No more Virus Total results need to be posted.
     
  6. SoundForce

    SoundForce Registered Member

    Joined:
    Dec 8, 2008
    Posts:
    1
    Why using VirusTotal for AV testing is a bad idea
     
  7. mauricev

    mauricev Registered Member

    Joined:
    Apr 15, 2008
    Posts:
    43
    Did you misread those threads? They are all about the exact same topic here. The post above this one is essentially a duplicate of a post in one of those threads.

    Now for something juicy, the "research" referenced in the other of those threads, http://blog.fireeye.com/research/2008/11/does-antivirus-stop-bots.html has just been referenced in an article in the New York Times, Thieves Winning Online War, Maybe Even in Your Computer (I could have posted it there too, but then it'd be another duplicate ;))

    Here's the relevant text,

    The Times' author is apparently concluding that based on the researcher's Virustotal testing that most commercial antivirus software is virtually ignorant of malware!
     
    Last edited: Dec 8, 2008
Loading...
Thread Status:
Not open for further replies.