So i did test all free AV and was Surprised.

Are you surprised by the results conducted in my test?

  • Yes

    Votes: 11 28.2%

  • No

    Votes: 6 15.4%

  • Not on all programs

    Votes: 22 56.4%
  • Total voters
    39
A

Arequire

Level 29
Verified
Top Poster
Content Creator
Feb 10, 2017
1,823
Tiny said:
@Slerion , perhaps you should take out the link and ask an admin/moderator how to proceed? The thread has had a lot of posts and a noob member of the happy clicker crew might be tempted to have a look at your samples :). Sounds silly, but I'm sure we all know that such behaviour is to be expected at all times.

You could give the link privately, but I would still advise you speak to the admin first. No one wants to listen to complaints from people getting infected by clicking on something in their forums.
Click to expand...
@Slerion Agree with this. Even on a forum dedicated to cybersecurity there's always going to be someone who ends up getting a little too curious for their own good. Especially people who are convinced their security configuration is strong enough to handle any malware they execute outside a VM.

Edit: It's in the vault now so I'd remove the link from this thread. New members and guests can't access the vault and there's appropriate warnings to dissuade people from downloading and executing random malware there.
 
Last edited:
  • Like
Reactions: DJ Panda, frogboy, AtlBo and 1 other person
Slerion

Slerion

Level 5
Thread author
Verified
Well-known
Feb 24, 2016
246
  • Like
Reactions: AtlBo and Amelith Nargothrond
brod56

brod56

Level 15
Verified
Top Poster
Well-known
Feb 13, 2017
737
I tend to take every test result with a grain of salt, but I just cant stand how Comodo improved its detection rate from one day to another...
Nothing against the software, just saying ;)
 
  • Like
Reactions: Handsome Recluse and Schank873
brod56

brod56

Level 15
Verified
Top Poster
Well-known
Feb 13, 2017
737
Evjl's Rain said:
I completely agree. Paid products are not better than free products if we know what we are doing and find a good combo
for example, WD/avast/avira/BD free + Voodooshield free/comodo firewall => paid products = who are better, except lockdown products?
Click to expand...

Agree 100%. The best protection is a default-deny solution, which is absolutely free.
I feel like the AV market/business is just encouraging new malware every single day, which is sad.
 
  • Like
Reactions: askmark
jamescv7

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
A part of experimentation test is the possible change of a result.

Did anyone see an experiment where consistent result will be shown? It's not right? Therefore a test done in antivirus have different factors regardless the reputation of a samples taken.

Since the samples are taken from weeks to month, then some AV are already managed to flagged it down compare to others.

I should agree on different methodologies which ensure no false positives and everything is malicious even PUP; but let's take it that the OP follow it correctly then accept the fact where a unique result is occur.

-----------------

Fact: Avira lately are behind on the on-demand scanner test thus surprisingly other AV's excel on that case. (I've witnessed some Youtube reviews way back before); Avast Free become a good alternative next to Avira.
 
  • Like
Reactions: askmark, Handsome Recluse and Amelith Nargothrond
Slerion

Slerion

Level 5
Thread author
Verified
Well-known
Feb 24, 2016
246
mamamia said:
Test for Kaspersky??.-
Click to expand...
No because its paid.
roger_m said:
I had a look at your screenshots, and it appears that around 12 of the files are not malicious, e.g. PUPs.
Click to expand...

as i said its a mixed test. and Pups / pua are Most time malicious ( and werent many included ). or do you want something like these hard core reinstalling cpu eating toolbars or ad injectors installed because you didnt look or wasnt even asked ? or someone less techsavy installed something ? its a low risk threat but its a threat.
 
  • Like
Reactions: AtlBo and askmark
Slerion

Slerion

Level 5
Thread author
Verified
Well-known
Feb 24, 2016
246
jamescv7 said:
A part of experimentation test is the possible change of a result.

Did anyone see an experiment where consistent result will be shown? It's not right? Therefore a test done in antivirus have different factors regardless the reputation of a samples taken.

Since the samples are taken from weeks to month, then some AV are already managed to flagged it down compare to others.

I should agree on different methodologies which ensure no false positives and everything is malicious even PUP; but let's take it that the OP follow it correctly then accept the fact where a unique result is occur.

-----------------

Fact: Avira lately are behind on the on-demand scanner test thus surprisingly other AV's excel on that case. (I've witnessed some Youtube reviews way back before); Avast Free become a good alternative next to Avira.
Click to expand...


thanks but only 50% of the files are days to weeks and months old

the other 50% was less than a day old to see short and long term protection ( was actually a test just for myself ) but i shared it.
 
  • Like
Reactions: AtlBo, askmark and Amelith Nargothrond
Tiny

Tiny

Level 3
Verified
Well-known
Dec 29, 2016
131
Strange. My post was deleted. Was there something offensive in there?
 
Slerion

Slerion

Level 5
Thread author
Verified
Well-known
Feb 24, 2016
246
Tiny said:
Strange. My post was deleted. Was there something offensive in there?
Click to expand...
ask the mods / admins or did it include a link to my malware pack ? ( BTW if someone wants it look in the malware vault or pm me )
 
  • Like
Reactions: AtlBo
erreale

erreale

Level 9
Verified
Content Creator
Malware Hunter
Well-known
Oct 22, 2016
409
I did a quick test. Emsisoft IS 744/862
EIS left 128 files.
ZAM 30/128
NPE 22/128
HitmanPro 8/128
However, many files (legitimate or malware) are present multiple times.
 
  • Like
Reactions: AtlBo, askmark, lab34 and 2 others
DJ Panda

DJ Panda

Level 30
Verified
Top Poster
Well-known
Aug 30, 2015
1,928
Response from Dan, developer of Voodoosheild. I had emailed him earlier about the pack.

There were some clean samples in this pack of 862 files, and since I tested VS on AutoPilot, it automatically allowed them… they are below. There were some duplicates as well, and they are sorted by duplicates.

Antivirus scan for 9068f4fcfd2aa78ed5130d7af1f70bafe3388d3443991c372cb430bb64eb9a82 at 2017-03-31 09:14:32 UTC - VirusTotal

Antivirus scan for 6525a053c5c2dbe16d73b927a3e5277ca8278958a524dce09da231393f00fdc7 at 2017-04-18 21:05:23 UTC - VirusTotal

Antivirus scan for 5b602304faf88737a24a3ad74f92938ea60eed8bdc4532131a31bce5a58be98a at 2017-04-14 10:21:32 UTC - VirusTotal

Antivirus scan for 27cbbd716b164077fefc280b721b53797ac02db97fe1f5b29050ae1b3508140f at 2017-01-21 02:10:19 UTC - VirusTotal

Antivirus scan for f58c376baaf6bab32f62e0863cb9c40a70a0a4da69dc0fe10ba9c0d8656d92eb at 2017-02-24 00:43:21 UTC - VirusTotal

https://virustotal.com/en/file/d73c...efc5b09937e5300cb0ecaffda70f4efdef0/analysis/



https://virustotal.com/en/file/58b7...7e70a7938a5f9816847072d1ad7397215ed/analysis/

https://virustotal.com/en/file/58b7...7e70a7938a5f9816847072d1ad7397215ed/analysis/



https://virustotal.com/en/file/c290...2873ecb7e58e7fae289842d28e6a0983290/analysis/

https://virustotal.com/en/file/c290...2873ecb7e58e7fae289842d28e6a0983290/analysis/



https://virustotal.com/en/file/b327...739aa3925f19ae0871dec32e9d27933082d/analysis/

https://virustotal.com/en/file/b327...739aa3925f19ae0871dec32e9d27933082d/analysis/

https://virustotal.com/en/file/b327...739aa3925f19ae0871dec32e9d27933082d/analysis/

https://virustotal.com/en/file/b327...739aa3925f19ae0871dec32e9d27933082d/analysis/

https://virustotal.com/en/file/b327...739aa3925f19ae0871dec32e9d27933082d/analysis/

https://virustotal.com/en/file/b327...739aa3925f19ae0871dec32e9d27933082d/analysis/

https://virustotal.com/en/file/b327...739aa3925f19ae0871dec32e9d27933082d/analysis/

https://virustotal.com/en/file/b327...739aa3925f19ae0871dec32e9d27933082d/analysis/

https://virustotal.com/en/file/b327...739aa3925f19ae0871dec32e9d27933082d/analysis/



The only questionable file is the first one in the list… all the rest were clean. This file is “ScreenConnect Client”, and Cuckoo did not like it for obvious reasons (the Cuckoo analysis is below), but I would guess this file is clean as well.



http://voodooshield.ddns.net:8080/analysis/5960/



There were also a handful of clean files that were not known to the blacklist, but they were created and signed by Auslogics, so these were clean files as well, but VS blocks unknown files by default, even in AutoPilot mode.



Here are the results: www.voodooshield.com/artwork/Report862.txt



In the end, VS auto allowed the 19 clean files and blocked everything else, so that is probably as close to 100% as you can get… the blacklist and VoodooAi are an amazing combo, and they are highly optimized to work well together.



There are almost always a handful of clean files in malware packs… although, for the life of me, I have no idea why this always seems to happen .

Dan is currently uploading a video right now. Should be out shortly. :)
 
  • Like
Reactions: AtlBo, Parsh, askmark and 3 others
Slerion

Slerion

Level 5
Thread author
Verified
Well-known
Feb 24, 2016
246
J Gamez065 said:
Response from Dan, developer of Voodoosheild. I had emailed him earlier about the pack.

There were some clean samples in this pack of 862 files, and since I tested VS on AutoPilot, it automatically allowed them… they are below. There were some duplicates as well, and they are sorted by duplicates.

Antivirus scan for 9068f4fcfd2aa78ed5130d7af1f70bafe3388d3443991c372cb430bb64eb9a82 at 2017-03-31 09:14:32 UTC - VirusTotal

Antivirus scan for 6525a053c5c2dbe16d73b927a3e5277ca8278958a524dce09da231393f00fdc7 at 2017-04-18 21:05:23 UTC - VirusTotal

Antivirus scan for 5b602304faf88737a24a3ad74f92938ea60eed8bdc4532131a31bce5a58be98a at 2017-04-14 10:21:32 UTC - VirusTotal

Antivirus scan for 27cbbd716b164077fefc280b721b53797ac02db97fe1f5b29050ae1b3508140f at 2017-01-21 02:10:19 UTC - VirusTotal

Antivirus scan for f58c376baaf6bab32f62e0863cb9c40a70a0a4da69dc0fe10ba9c0d8656d92eb at 2017-02-24 00:43:21 UTC - VirusTotal

https://virustotal.com/en/file/d73c...efc5b09937e5300cb0ecaffda70f4efdef0/analysis/



https://virustotal.com/en/file/58b7...7e70a7938a5f9816847072d1ad7397215ed/analysis/

https://virustotal.com/en/file/58b7...7e70a7938a5f9816847072d1ad7397215ed/analysis/



https://virustotal.com/en/file/c290...2873ecb7e58e7fae289842d28e6a0983290/analysis/

https://virustotal.com/en/file/c290...2873ecb7e58e7fae289842d28e6a0983290/analysis/



https://virustotal.com/en/file/b327...739aa3925f19ae0871dec32e9d27933082d/analysis/

https://virustotal.com/en/file/b327...739aa3925f19ae0871dec32e9d27933082d/analysis/

https://virustotal.com/en/file/b327...739aa3925f19ae0871dec32e9d27933082d/analysis/

https://virustotal.com/en/file/b327...739aa3925f19ae0871dec32e9d27933082d/analysis/

https://virustotal.com/en/file/b327...739aa3925f19ae0871dec32e9d27933082d/analysis/

https://virustotal.com/en/file/b327...739aa3925f19ae0871dec32e9d27933082d/analysis/

https://virustotal.com/en/file/b327...739aa3925f19ae0871dec32e9d27933082d/analysis/

https://virustotal.com/en/file/b327...739aa3925f19ae0871dec32e9d27933082d/analysis/

https://virustotal.com/en/file/b327...739aa3925f19ae0871dec32e9d27933082d/analysis/



The only questionable file is the first one in the list… all the rest were clean. This file is “ScreenConnect Client”, and Cuckoo did not like it for obvious reasons (the Cuckoo analysis is below), but I would guess this file is clean as well.



http://voodooshield.ddns.net:8080/analysis/5960/



There were also a handful of clean files that were not known to the blacklist, but they were created and signed by Auslogics, so these were clean files as well, but VS blocks unknown files by default, even in AutoPilot mode.



Here are the results: www.voodooshield.com/artwork/Report862.txt



In the end, VS auto allowed the 19 clean files and blocked everything else, so that is probably as close to 100% as you can get… the blacklist and VoodooAi are an amazing combo, and they are highly optimized to work well together.



There are almost always a handful of clean files in malware packs… although, for the life of me, I have no idea why this always seems to happen .

Dan is currently uploading a video right now. Should be out shortly. :)
Click to expand...

do you mean clean as in truly clean or in the part like auslogics. they like to add Pua / pups to their installers :)
 
  • Like
Reactions: AtlBo
You must log in or register to reply here.

Similar threads

Gandalf_The_Grey
    • Like
    • Hundred Points
    • +Reputation
AV-TEST ATP Test: Defending Against Data Stealers and Ransomware (October 2023)
Replies
4
Views
696
Security Statistics and Reports
SeriousHoax
SeriousHoax
Brownie2019
    • Like
Unlimited Giveaway Fing- all-in-one network monitor for free
Replies
1
Views
948
Giveaways, Promotions and Contests
tharunnamboothiri
tharunnamboothiri
Anthony Qian
    • +Reputation
    • Like
    • Thanks
New Update Avira expands its APC to support script malware
Replies
4
Views
1,277
Avira
Anthony Qian
Anthony Qian

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top