A lot of users here think that scanning at virustotal gives the same results as scanning with all the bundled scanners separately, well folks the bundle is not the real McCain, it is less, why read this quote I dug up at the Prevx site:
For instance, a famous website has been attacked and malicious code has been injected inside the main page some days ago. Whilst lots of users tested the dropped malware on VirusTotal and drawing wrong conclusions, Prevx Edge has been able to heuristically block it since the beginning.
This is because many new heuristic techniques that we use can’t be included inside the on-demand scanner, which will simply check if the plain file signature is present inside the community database.
I’ve exposed the situation as it is for Prevx, but this is common to other security software too. They often include new techniques - behavior blockers, heuristic behavior analyzers, dynamic heuristic engines and so on - used to mitigate (or override, most of times) the gap between malware creation and signature release.If sometimes you find heuristic detections on VirusTotal, it doesn’t necessary mean that the heuristic detection is totally implemented inside the on-demand scanner. Simply, there are some techniques that can’t be easily implemented inside an on-demand version of the scanner. Anyway their role is crucial and they allow security software to detect 0day threats.
If you rely only upon VirusTotal results, then you could miss the real effectiveness of tested antivirus solutions.
This is why using VirusTotal for antivirus comparatives and testing is the wrong approach.
I really don’t know why you are regurgitating this again when it has been actively discussed (and discounted to a degree) in the other topic which got side tracked to the VT discussion, basically the same topic, http://forum.avast.com/index.php?topic=43897.0 ???
The article was clear that this was related to Prevx’s scanner on VT as they can’t speak for anyone else and doesn’t discount the total lack of heuristics, so this is misleading. It also doesn’t detract from the reasons we send users to VT.
I think I will have to copy all the posts from the other topic or this would be unbalanced, but somehow I doubt I will as I know I won’t be wasting any more time on it.
It came all up quite at the end of the original thread, and it was an argument started by me on good grounds.
I opened it up here again, because some users might have missed it there hidden all at the end of that thread, as I think a lot of users just glance at the subjects we discuss.
Virustotal scanning is an important issue as such, as we advise it very often to people that come here. These folks should also know to what they are submitting their suspicious files, and so what an online scanner cannot do under any circumstance. It is only that last issue I have highlighted here, and not many users here know these facts.
Thanks for the correction, and my apologies to the realMcCain, that should have been McCoy, the fact is you have the facts that are (not) fiction, and I had the fiction that was not a fact, I will continue to use the proverb as it should be, and you certainly are the realMcbob. In Scotland while I worked there over at a hotel in the "hielands"when I was young, every morning my breakfast kipper was served by MrsMac and everyone knew who was the real MrsMac,
Well, why are you copying someone’s post? And is it logical to state the same thing although it was stated before?
And what’s the purpose of writing those links in your all posts?
