Better Detection

Hello,

As many of you migh have noticed the Avast team is making progress in detection of new worms and viruses . So here are the results of a file I just tested:

AntiVir X
ArcaVir X
Avast Win32:Warezov-OY
AVG Antivirus X
BitDefender X
ClamAV X
Dr.Web X
F-Prot Antivirus X
F-Secure Anti-Virus X
Fortinet X
Kaspersky Anti-Virus X
NOD32 X
Norman Virus Control X
VirusBuster X
VBA32 X

Keep up the good Work Avast !!!

Al968

That is interesting as this is the second Win32:Warezov-?? detection that I have seen in the forums today and neither are listed in the virus database, very strange. The last Win32:Warezov-O? ones listed are -OW, -OX and -OZ, but no -OY.

So there would appear to be a slight imbalance in the signatures and virus database, perhaps they don’t update the virus database at the same time as the VPS.

Actually they are listed :o
But it appears that they are npt from this month so you have to click on the year 2006 or click here and you will find it:

http://avast.com/eng/vps-content-2006.html

Al968

That is the VPS signatures listing, the virus database, on your system can be accessed from the simple user interface menu or right click on the skin and select Virus database, it is here that it wasn’t listed.

Sorry :stuck_out_tongue:

I didn’t see it either ???

Al968

The detections are somehow special (not the usual signatures) - so yes, it is possible that they don’t appear in the list of viruses. I guess they probably appear on the list once such a virus is detected :wink:

What do you mean by special ???
I’m curious ;D

Thanks

Al968

I’m curious too, thankfully I’m not a cat ;D

I’m afraid I’m going to disappoint you.
This particular detection is actually a false positive, fixed quite a long time ago (2 weeks or so). So, it looks like the Jotti scanner has quite an outdated VPS file… don’t know why :-\

I usually suggest people use VirusTotal because it uses the windows version of avast and has more AV engines to compare/check.

Would it make any difference that Jotti uses the Unix/Linux version, I assume that the VPS content is the same ?
Other than Jotti using an out of date set of signatures (if for avast you can only assume for others), which kind of negates its usefulness it is a shame they don’t display the VPS version they are using.