AV test

Thread: AV test

  1. #1
    Join Date
    Oct 2000
    Location
    Egypt
    Posts
    235

    AV test

    I had some spare time so I decided to make a test
    - I created 4 files containing the EICAR test file: .txt, .com, .exe, .bat.
    - I added them to a .7z archive.
    - I added the .7z archive to a .zip archive.
    - I added the .zip archive to a .gz archive.
    Then I submitted the three archives to virustotal.com. The site showed almost the same results in the 3 cases; only 8 scanners out of 36 detected the file.
    http://www.virustotal.com/analisis/3...f5cb9eca1bc3d3
    does this have any significance? Can any AV guru comment on this pls?
    thanx in advance..
    BTW, it was surprising seeing that the "new" Chinese Rising AV is among the 8 AVs
    Minacross
    "Blessed be Egypt my people"(Is:19:25)

  2. #2
    Join Date
    Jul 1998
    Location
    Toronto
    Posts
    26,543
    I'd have thought that more would have found it. But the more you encrypt it (recompress it) the harder it will be to detect, especially using different programs/algorithms.

    Try just zipping it once and submit it.

  3. #3
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    Looking at the list, I'm not surprised...top AVs got it.
    > it was surprising seeing that the "new" Chinese Rising AV is among the 8 AVs
    Still being skeptical about that Chinese program, but it looks like it's getting pretty good reviews....

  4. #4
    HAN
    Join Date
    Feb 2002
    Location
    USA
    Posts
    4,319
    > does this have any significance? Can any AV guru comment on this pls?
    I'm no AV guru but I have a theory...

    Depending on how the AV is set up by the maker (or, if adjustable, by the user; Trend Micro used to have this capability), a scan only drills down so far. Your test was 3 archives deep. My guess is that if you tested only 2 deep, the number of hits would rise by a fair number (perhaps all of them??)

    It all comes down to efficiency of time and computer resources. The longer scans take, or the more CPU cycles they consume, the poorer the computing experience the end user will have. Plus, it should normally be safe to assume an AV's real-time scanner should still catch the file once it's no longer hidden inside of an archive. So the benefits of drilling down more than just a couple of levels might be minimal.

    Is there any significance to all this? IMO, yes and no. Yes, in that we all would like for an AV to stop malware the first time it encounters a bad file. But also no because I'm protected anyway. Why waste my time or my computer's resources?
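
The recursion-limit theory from post #4, as an added example that is not part of the thread: a toy scanner that opens at most `max_depth` archive layers and reports "unscanned" instead of "clean" when it stops early. The marker string, the function names and the verdict labels are assumptions of this example, and a second zip layer stands in for .7z because the Python standard library cannot read 7z.

```python
import gzip
import io
import zipfile

# Constructed stand-in for a test signature; this is not the real EICAR string.
MARKER = b"CONSTRUCTED-AV-TEST-MARKER"

def zip_wrap(name, data):
    """Return a zip archive (as bytes) holding one member."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr(name, data)
    return buf.getvalue()

def build_nested(layers):
    """Wrap the marker in `layers` (>= 1) archives: zip inside, gzip outermost."""
    data = MARKER
    for i in range(layers - 1):
        data = zip_wrap(f"level{i}.bin", data)
    return gzip.compress(data)

def unpack(data):
    """Return member payloads if data is a gzip or zip container, else None."""
    if data[:2] == b"\x1f\x8b":
        return [gzip.decompress(data)]
    if data[:4] == b"PK\x03\x04":
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            return [zf.read(name) for name in zf.namelist()]
    return None

def scan(data, max_depth, depth=0):
    """Return 'detected', 'unscanned' (depth limit hit) or 'clean'."""
    members = unpack(data)
    if members is None:
        # Leaf file: the only place the signature match is applied.
        return "detected" if MARKER in data else "clean"
    if depth >= max_depth:
        # Limit reached: refuse to open another layer and say so.
        return "unscanned"
    verdicts = {scan(m, max_depth, depth + 1) for m in members}
    for verdict in ("detected", "unscanned"):
        if verdict in verdicts:
            return verdict
    return "clean"
```

With a limit of 2, `scan(build_nested(3), 2)` stops at the innermost archive, while the same limit finds the marker in `build_nested(2)`. Returning a distinct "unscanned" verdict lets a gateway or mail filter apply its own policy to content the scanner never looked at.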
