Question: If the site contains malware, should the frontline page be blocked?

Status
Not open for further replies.
McAfee WebAdvisor, Norton Safe Web, and Symantec Browser Protection all did not detect.
Furthermore, just because these engines did not detect it, you are going to criticise them? And in VT, you cannot draw a solid conclusion about the efficiency of an AV. And sometimes, even the extension does not allow you to draw any conclusions, just based on the product itself installed on your system.
 
Which AV engines on VT do you recommend considering the results of, according to your knowledge of what exactly each AV is providing VT with?
You should consider the results of all engines, but give more weight to those known to use advanced, cloud-based technologies and to the consensus among well-regarded vendors. The behavioral analysis reports are often the most valuable part of a VirusTotal scan when the results are ambiguous. Although they are not traditional antivirus engines, the behavioral analysis reports on VirusTotal are an absolutely crucial component of a comprehensive threat assessment. These reports are generated by tools like VMRay or Joe Sandbox, which execute the file within a controlled, sandboxed environment. This allows them to document the file's actions, such as the creation of new files, network connections, or modifications to the registry. The behavioral report often serves as the "smoking gun," providing clear evidence of a file's true nature even when multiple antivirus engines fail to flag it. For instance, if a file goes undetected by various engines but the behavioral analysis shows it attempting to communicate with a known command-and-control server or dropping suspicious executable files, it is a definitive indicator of malicious intent. Therefore, a thorough review of these reports is essential.
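The triage described in the post above, as an added example that is not part of the original thread: weight the engine verdicts, then let sandbox observations (C2 contact, dropped executables, registry changes) decide when the engines are ambiguous. The field names are assumed to follow VirusTotal API v3 report shapes; the engine names, weights, C2 list, threshold and all sample values are constructed.

```python
# Added example. Field names follow VirusTotal API v3 report shapes (assumed);
# every value below is constructed for illustration.
ENGINES = {f"Engine{c}": {"category": "undetected"} for c in "ACDEFG"}
ENGINES["EngineB"] = {"category": "malicious"}      # a cloud-backed engine
ENGINES["EngineH"] = {"category": "timeout"}        # gave no verdict
BEHAVIOUR = {
    "ip_traffic": [{"destination_ip": "203.0.113.10", "destination_port": 443}],
    "files_dropped": [{"path": r"C:\Users\user\AppData\Local\Temp\update.exe"}],
    "registry_keys_set": [
        {"key": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Updater"}],
}
WEIGHTS = {"EngineB": 2.0}        # hypothetical analyst-chosen weight
KNOWN_C2 = {"203.0.113.10"}       # hypothetical threat-intel list (TEST-NET-3)
VERDICTS = {"malicious", "suspicious", "undetected", "harmless"}

def engine_score(results, weights):
    """Weighted share of engines that flagged, ignoring timeouts/unsupported."""
    flagged = total = 0.0
    for name, res in results.items():
        if res["category"] not in VERDICTS:
            continue
        w = weights.get(name, 1.0)
        total += w
        if res["category"] in ("malicious", "suspicious"):
            flagged += w
    return flagged / total if total else 0.0

def behaviour_findings(report, known_c2):
    """Pull out the sandbox observations the post calls the smoking gun."""
    found = []
    for conn in report.get("ip_traffic", []):
        if conn.get("destination_ip") in known_c2:
            found.append(f"c2:{conn['destination_ip']}")
    for item in report.get("files_dropped", []):
        if item.get("path", "").lower().endswith((".exe", ".dll", ".jar")):
            found.append(f"dropped:{item['path']}")
    for reg in report.get("registry_keys_set", []):
        if "\\currentversion\\run" in reg.get("key", "").lower():
            found.append(f"autorun:{reg['key']}")
    return found

def triage(results, report, weights, known_c2, threshold=0.5):
    score = engine_score(results, weights)
    found = behaviour_findings(report, known_c2)
    if found:
        return "malicious-behaviour", score, found
    return ("engine-consensus" if score >= threshold else "inconclusive"), score, found

print(triage(ENGINES, BEHAVIOUR, WEIGHTS, KNOWN_C2))
```

With the constructed sample, only one of eight engines flags the file, yet the behaviour report alone is enough to escalate it.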
 
If so, it would be detected by McAfee WebAdvisor, but it was not.
McAfee Web Advisor flags the page as untested, they haven't seen it before. However, the untested URL adds confidence to the malware detections on files. Real time analysis can't flag anything, it's not a phishing site.
 
And? Was the malware download blocked by many others? It was. I don't see why we keep beating around the bush.
Comparing the efficiency of different extensions, not the entire AV.
 
The McAfee detection is a result of a signature. The file was emulated and detected.
If by signature, why not flagged on VT?
Unless McAfee is not using signature on VT; in this case, what should be used on VT other than signatures?
 
You should consider the results of all engines, but give more weight to those known to use advanced, cloud-based technologies and to the consensus among well-regarded vendors. The behavioral analysis reports are often the most valuable part of a VirusTotal scan when the results are ambiguous. Although they are not traditional antivirus engines, the behavioral analysis reports on VirusTotal are an absolutely crucial component of a comprehensive threat assessment. These reports are generated by tools like VMRay or Joe Sandbox, which execute the file within a controlled, sandboxed environment. This allows them to document the file's actions, such as the creation of new files, network connections, or modifications to the registry. The behavioral report often serves as the "smoking gun," providing clear evidence of a file's true nature even when multiple antivirus engines fail to flag it. For instance, if a file goes undetected by various engines but the behavioral analysis shows it attempting to communicate with a known command-and-control server or dropping suspicious executable files, it is a definitive indicator of malicious intent. Therefore, a thorough review of these reports is essential.
Just as was the case with K, see below in the screenshot detected by K's cloud, your post was very well placed. +1 👏 💯 (y)
1754916803114.png
 
If by signature, why not flagged on VT?
Unless McAfee is not using signature on VT; in this case, what should be used on VT other than signatures?
I feel that you keep ignoring the details that I took from the antivirus log. You keep asking the same question again and again. I will keep giving you the same answer again and again.

hti (Heuristic Threat Intelligence): File Rep: 15, HTI Rep: 15, URL Rep: 65
av (Antivirus): HTI Rep: 50
neo (ML/AI Engine): HTI Rep: 50
When there is a signature match and when the behaviour looks very malicious, these engines return 50. In addition, cloud reputation also detects. It is detected by multiple engines.
 
I've known @Trident for years. Is that just how he expresses himself? He's always been like that, I don't see anything wrong with it. You can't take it personally and think he's being rude to you, you know?
I like his knowledge, it is undoubtful, but I cannot use harsh expressions and ask others to accept because this myself.
 
I meant crucify him, understand? You can't judge them just because they didn't detect that page now, all AVs can make mistakes.
Of course, and I did not declare "McAfee is bad", just stated that the web extensions by McAfee, Norton Safe Web, and Symantec Browser Protection did not block the website, and on VT, McAfee, ESET, Symantec, Avast, AVG, Avira, MD, and others did not detect the jar file, that simple.
 
I like his knowledge, it is undoubtful, but I cannot use harsh expressions and ask others to accept because this myself.
Yeah, but you have a problem yourself with not listening and beating around the bush in a circular manner.
 