Author Topic: Better Detection  (Read 4263 times)

0 Members and 1 Guest are viewing this topic.

mouniernetwork

  • Guest
Better Detection
« on: December 05, 2006, 10:06:26 PM »
Hello,

As many of you migh have noticed the Avast team is making progress in detection of new worms and viruses . So here are the results of a file I just tested:

AntiVir  X
ArcaVir  X
Avast  Win32:Warezov-OY 
AVG Antivirus  X
BitDefender  X
ClamAV  X 
Dr.Web  X
F-Prot Antivirus  X
F-Secure Anti-Virus  X
Fortinet  X
Kaspersky Anti-Virus  X
NOD32  X 
Norman Virus Control  X 
VirusBuster  X 
VBA32  X

Keep up the good Work Avast !!!


Al968

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88895
  • No support PMs thanks
Re: Better Detection
« Reply #1 on: December 05, 2006, 10:33:01 PM »
That is interesting as this is the second Win32:Warezov-?? detection that I have seen in the forums today and neither are listed in the virus database, very strange. The last Win32:Warezov-O? ones listed are -OW, -OX and -OZ, but no -OY.

So there would appear to be a slight imbalance in the signatures and virus database, perhaps they don't update the virus database at the same time as the VPS.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

mouniernetwork

  • Guest
Re: Better Detection
« Reply #2 on: December 05, 2006, 10:45:46 PM »
Actually they are listed  :o
But it appears that they are npt from this month so you have to click on the year 2006 or click here and you will find it:

http://avast.com/eng/vps-content-2006.html

Al968

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88895
  • No support PMs thanks
Re: Better Detection
« Reply #3 on: December 05, 2006, 10:49:46 PM »
That is the VPS signatures listing, the virus database, on your system can be accessed from the simple user interface menu or right click on the skin and select Virus database, it is here that it wasn't listed.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

mouniernetwork

  • Guest
Re: Better Detection
« Reply #4 on: December 05, 2006, 10:57:53 PM »
Sorry  :P

I didn't see it either  ???

Al968

Offline igor

  • Avast team
  • Serious Graphoman
  • *
  • Posts: 11849
    • AVAST Software
Re: Better Detection
« Reply #5 on: December 05, 2006, 11:11:39 PM »
The detections are somehow special (not the usual signatures) - so yes, it is possible that they don't appear in the list of viruses. I guess they probably appear on the list once such a virus is detected ;)

mouniernetwork

  • Guest
Re: Better Detection
« Reply #6 on: December 05, 2006, 11:12:52 PM »
What do you mean by special  ???
I'm curious  ;D

Thanks

Al968

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88895
  • No support PMs thanks
Re: Better Detection
« Reply #7 on: December 06, 2006, 12:18:02 AM »
I'm curious too, thankfully I'm not a cat ;D
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline igor

  • Avast team
  • Serious Graphoman
  • *
  • Posts: 11849
    • AVAST Software
Re: Better Detection
« Reply #8 on: December 06, 2006, 02:25:33 PM »
I'm afraid I'm going to disappoint you.
This particular detection is actually a false positive, fixed quite a long time ago (2 weeks or so). So, it looks like the Jotti scanner has quite an outdated VPS file... don't know why  :-\

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88895
  • No support PMs thanks
Re: Better Detection
« Reply #9 on: December 06, 2006, 02:37:47 PM »
I usually suggest people use VirusTotal because it uses the windows version of avast and has more AV engines to compare/check.

Would it make any difference that Jotti uses the Unix/Linux version, I assume that the VPS content is the same ?
Other than Jotti using an out of date set of signatures (if for avast you can only assume for others), which kind of negates its usefulness it is a shame they don't display the VPS version they are using.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security