CMC Antivirus

  • Thread starter ForgottenSeer 69673
Status
Not open for further replies.
ForgottenSeer 69673

Thread author
Hello

I recently heard of an AV called CMC Antivirus. I have never heard of it before but did see some good detection rates by it. Has anyone used this? It appears to be an Asian product.
Thanks
 
ForgottenSeer 69673

Thread author
hi, it's product from my country
It's garbage compared to other well-known AVs. Not recommended

I just tested a bunch of files AVG missed on VT and it flagged most of them along with other well-known AVs. It seems to me if 23 AVs detect a file as malicious, it most likely is. I was just curious because I have never seen CMC on VirusTotal before is all.
 
ForgottenSeer 69673

Thread author
I don't recommend relying on projects like these as your primary security solution, projects like this aren't popular nor reputable for a reason.

CMC Antivirus | CMC Corporation

Yahoo Messenger for Live Chat support? It's just abnormal.

I don't recommend using them, and I'd say by using them you're actually risking your protection. I agree with @Evjl's Rain.

I understand what you are saying. All I am saying is I was doing some testing and noticed CMC is now on VirusTotal and flagged some AVG undetected files just like the big players where not many else did. That is all I am saying. Maybe just maybe CMC is flagging all files not seen before on VT? I don't know. I did notice even though all the files were not the same malware, CMC flagged them all as the same detection. Just to be clear, I am just testing, not looking at this time for new software. I have not even looked into it enough to know if they offer an English version.
 
Deleted member 65228

Thread author
@ticklemefeet Maybe they had a sample another vendor hadn't encountered yet, it happens all the time. How prevalent is the sample in the wild? Where does the sample originate from? How many people have been affected by the sample? What was the detection for the sample? etc. All valid factors.

Remember that the engine on VT is not necessarily the one incorporated into the end-user products though. The VT engine may be more/less aggressive than the engine in the end-user consumer products.
 
ForgottenSeer 69673

Thread author
@ticklemefeet Maybe they had a sample another vendor hadn't encountered yet, it happens all the time. How prevalent is the sample in the wild? Where does the sample originate from? How many people have been affected by the sample? What was the detection for the sample? etc. All valid factors.

No need for me to down-talk them about the detection, unless it was a false positive then good on them. But in reality it doesn't really make a difference, they don't come close to the technology mainstream vendors have.

You can trust them and try it out if you want but personally I'd recommend against it, that's my personal opinion though. My opinion is based on the fact that I don't think they look particularly professional nor trustworthy, it's a natural instinct. It doesn't mean they aren't trustworthy or professional factually.

You can test your VirusTotal theory by finding a new zero-day sample and uploading it to VirusTotal. If they flag it and the detection name is not narrowed down to a specific threat, then re-test with some completely different zero-days which come from a different background. If the result is the same then it means your theory is likely correct. However I've been on VT the past few days and didn't find CMC flagging anything.

Remember that the engine on VT is not necessarily the one incorporated into the end-user products though. The VT engine may be more/less aggressive than the engine in the end-user consumer products.

Opcode, I highly value your opinions. None of the samples had been seen at VT before. All detections were generics from all vendors. I just thought when 23 well-known vendors flagged the files something must be going on. That means not just CMC had FPs but many big-time AVs did also. And I am talking the big players here.

Edit: and this is not one file but 14
 
roger_m

The last time I tried it, it had very poor detection and issues with false positives.

If you download the free version, it is the 2014 version. But when it updates, it updates to the 2016 version. Actually it may update to a newer version now, as it's been a while since I tested it, but the installer has not been updated. The last time I tested it, it showed it could detect nearly 10,000,000 threats. But after installing updates the number went down by about 2,000,000.

There are two websites for CMC. The English language website has not been updated for some time. Google warns that the main website, cmcinfosec .com may be hacked.
 
Deleted member 65228

Thread author
I just thought when 23 well-known vendors flagged the files something must be going on. That means not just CMC had FPs but many big-time AVs did also. And I am talking the big players here
Sorry I'm confused

CMC flagged files as malicious which were not malicious as well as other AV vendors, or CMC flagged zero-days which other AVs didn't detect?
 
Deleted member 65228

Thread author
There are two websites for CMC. The English language website has not been updated for some time. Google warns that the main website, cmcinfosec .com may be hacked.
Google don't warn anything for me in a VM on latest Google Chrome
 
Thirio

I can't speak for the detection rate of CMC but when I tried it I couldn't uninstall it afterwards without the help of revo uninstaller and TDSSKiller. I can't trust a product which won't let you uninstall it. Kaspersky basically detected it and removed it for me. :unsure:
 

roger_m

Google don't warn anything for me in a VM on latest Google Chrome
This is still what I get when I search for it in Google.

CMC.png

I didn't get any warning from Chrome, when I clicked on the second search result to open the CMC website.
 
ForgottenSeer 69673

Thread author
Sorry I'm confused

CMC flagged files as malicious which were not malicious as well as other AV vendors, or CMC flagged zero-days which other AVs didn't detect?

Ok I will try to explain it better.
1. I was testing the new AVG beta with default settings.
2. I did a manual scan of a folder containing about 50 malware.
3. AVG did not detect like 14 of the samples.
4. I then submitted the undetected samples to VirusTotal.
5. Only two scan engines detected two of the samples, CMC was not one of them.
6. The rest of the samples were detected by up to 25 scan engines.
7. Of those samples detected by the up to 25 scan engines, CMC detected all but two.
8. All the samples that CMC detected had the same malware name.

I hope I did a better job of explaining this time. I would have to fire up the VM again to see what the malware name was. I didn't write that down. Also all the scan engines seemed to use generic detections not sigs.
 
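Added example, not part of any poster's message: one way to check the pattern described in steps 5 to 8 from saved per-sample scan results. Engine names, labels and sample ids are constructed placeholders; the code lists engines that used one identical label for every sample they flagged, and checks whether such an engine also flagged the samples almost nobody else did.

```python
from collections import defaultdict

# Constructed data: sample id -> {engine: detection label}. Engine names,
# labels and sample ids are placeholders, not real VirusTotal output.
RESULTS = {
    "s1": {"EngineA": "Trojan.Agent.1", "EngineB": "Gen.Variant.7"},
    "s2": {"EngineA": "Ransom.Locker", "EngineB": "Gen.Variant.9"},
    "s3": {"EngineA": "Trojan.Downloader", "EngineB": "Gen.Variant.7",
           "EngineC": "Generic.Suspicious", "EngineD": "Worm.Autorun"},
    "s4": {"EngineA": "Backdoor.Bot", "EngineC": "Generic.Suspicious",
           "EngineD": "Backdoor.Bot.B"},
    "s5": {"EngineB": "Gen.Variant.2", "EngineC": "Generic.Suspicious",
           "EngineD": "Spy.Keylog"},
}


def engine_profile(results):
    """Per engine: how many samples it flagged and which labels it used."""
    profile = defaultdict(lambda: {"hits": 0, "labels": set()})
    for verdicts in results.values():
        for engine, label in verdicts.items():
            profile[engine]["hits"] += 1
            profile[engine]["labels"].add(label)
    return dict(profile)


def single_label_engines(results, min_hits=3):
    """Engines that flagged at least min_hits samples under one identical label."""
    return sorted(engine for engine, p in engine_profile(results).items()
                  if p["hits"] >= min_hits and len(p["labels"]) == 1)


def low_consensus_hits(results, engine, max_others=1):
    """Samples the engine flagged that at most max_others other engines flagged."""
    return sorted(sample for sample, verdicts in results.items()
                  if engine in verdicts and len(verdicts) - 1 <= max_others)


if __name__ == "__main__":
    for engine in single_label_engines(RESULTS):
        print(engine, "used one label; low-consensus hits:",
              low_consensus_hits(RESULTS, engine))
```

A single generic label on its own fits both a broad heuristic and blanket flagging of new uploads; an engine doing the latter would be expected to show hits on the low-consensus samples as well.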

ForgottenSeer 69673

Thread author
This is still what I get when I search for it in Google.

View attachment 179848
I didn't get any warning from Chrome, when I clicked on the second search result to open the CMC website.

Is your first link to the English version? I thought I had checked that yesterday and could not find the download. Site said something about installing a driver first or something like that.
 
Deleted member 65228

Thread author
I hope I did a better job of explaining this time.
Yeah I understand now but I don't see where the issue is. If it was a name like "Trojan.Agent" or something then there's nothing weird. Also they might be using a dual-engine, do you know if they are?

There's loads of reasonable explanations aside from them blatantly flagging new VT uploads. I'd know if they were because I use VT daily, and I rarely ever see CMC flag anything at all.
 
ForgottenSeer 69673

Thread author
Yeah I understand now but I don't see where the issue is. If it was a name like "Trojan.Agent" or something then there's nothing weird. Also they might be using a dual-engine, do you know if they are?

There's loads of reasonable explanations aside from them blatantly flagging new VT uploads. I'd know if they were because I use VT daily, and I rarely ever see CMC flag anything at all.

I will fire up my VM later and post some screenshots. Also, later yesterday AVG was detecting 6 more of the same samples.
 
Deleted member 65228

Thread author
I will fire up my VM later and post some screenshots. Also, later yesterday AVG was detecting 6 more of the same samples.
Yes but why does any of this matter?

That's why I am confused. I don't understand why we are discussing this? CMC flagged some samples and AVG flagged some samples... That's normal, they are flagging malware?

Lol
 
ForgottenSeer 69673

Thread author
Yes but why does any of this matter?

That's why I am confused. I don't understand why we are discussing this? CMC flagged some samples and AVG flagged some samples... That's normal, they are flagging malware?

Lol

CMC flagged malware other big names did. I have not installed it yet. Everybody is saying CMC has bad detection ratings. I didn't see that in my test. What I did see is that it is using the same name for all of them, and that makes me suspicious. It really isn't a big deal I guess, but I will post some screenshots later and then I will be done with it.
 
Deleted member 65228

Thread author
CMC flagged malware other big names did. I have not installed it yet. Everybody is saying CMC has bad detection ratings. I didn't see that in my test. What I did see is that it is using the same name for all of them, and that makes me suspicious.
Lol a few samples is nothing and the samples could have been old anyway

You're wasting your time, there's thousands of new samples each week. A few signature detections are meaningless.

Maybe they stole the detections, not by stealing databases obviously but by adding a detection because another vendor did. Quite a few vendors used to do this back in the day.

None of this matters anyway
 