Are you surprised by the results conducted in my test?

  • Yes

    Votes: 11 28.2%
  • No

    Votes: 6 15.4%
  • Not on all programs

    Votes: 22 56.4%
  • Total voters
    39

cruelsister

Level 37
Verified
Trusted
Content Creator
For giggles I actually downloaded the pack. On the most cursory review I noticed that there were 20 instances of Webroot SecureAnywhere. 17 of these were an identical file signed by Webroot on Jan 16, 2017; the other 3 were the same app with a signature from Jan 3rd. Both of these were detected by either ClamAV or Rising/Jiangmin and nothing else (perhaps it was the UPX packer?). By the way, none of the 3 scanners mentioned are exactly considered Bulwarks of malware detection!

First off, let's concentrate on the 3 identical files, all with the SHA256:

c290e5e39b0f74f5f97d8accd2c202873ecb7e58e7fae289842d28e6a0983290

Now, go to the text file of VS's detection log (seen in Post 98) and do a search for the above- you will see that 2 were allowed and 1 was blocked- and this with all files being identical!

For the other (17 samples) with the SHA256:

b32753162fa9fba8771e302675ec5739aa3925f19ae0871dec32e9d27933082d

Half were Blocked, half Allowed (8 to 9).

Isn't that curious?
 
Last edited:

roger_m

Level 30
Verified
Content Creator
as i said its a mixed test. and Pups / pua are Most time malicious ( and werent many included ). or do you want something like these hard core reinstalling cpu eating toolbars or ad injectors installed because you didnt look or wasnt even asked ? or someone less techsavy installed something ? its a low risk threat but its a threat.
It's very rare for PUPs to be malicious. PUPs refer to portentially unwanted programs, rather than toolbars or adware. Toolbars or adware should not usually be identified as PUPs by antivirus software.
 

Slerion

Level 3
It's very rare for PUPs to be malicious. PUPs refer to portentially unwanted programs, rather than toolbars or adware. Toolbars or adware should not usually be identified as PUPs by antivirus software.
most av i used put Most toolbars or setups including these as either Pup / pua or adware
 

roger_m

Level 30
Verified
Content Creator
I ran a number of scans on the revised archive with the duplicates removed. Out of the 324 files, it seems that about 190 are malicious. The remaining files are either harmless PUPs, or are actually clean. The majority of the clean files are detected at VirusTotal due to false positives, but there a few clean files that are not detected by scanners. For example Rising, ClamAV, Zillya, and Baidu all give a lot of false positives.
 
Last edited:
Top