I still like Avira
I also mentioned I didn’t blame Avira because I felt that it was a new strain, and it looks like I was right.
Yesterday when I scanned the infected file it wasn’t reporting any issues.
Today I noticed a little update notice from Avira so for the heck of it I scanned the infected file again (kept it around to test with), and bam, detected!
So for the heck of it I popped it through my trusty online scanner, VirusTotal which will scan any file you upload against 41 antivirus engines.
The other day I got:
File iaStor.sys received on 2009.11.12 18:25:30 (UTC)
Current status: finished
Result: 1/41 (2.44%)
Reanalysing the file today I get:
File iaStor.sys received on 2009.11.15 00:09:41 (UTC)
Current status: finishedResult: 11/41 (26.83%)
Nick
I rescanned the file on VirusTotal.com again today out of boredom, and the new total is:
Result: 20/41 (48.79%)
I am actually very shocked it is not 100%
There are some SHITTY antivirus engines out there! A virus is in the wild and weeks upon weeks later, Over half the engines this site tests with still aren’t detecting it! Yikes!
I’m glad Avira is one of the good ones who was updated with in a couple days of discovery.
Here is a link to the latest report for anyone interested in seeing which engines suck balls:
http://www.virustotal.com/analisis/01858e47e205d8acbb869ee4af9e764b41cc39427b7a0d8846bc65aba5646ee4-1260043611
It should surprise NO ONE that virus engines NOT detecting this virus include:
Avast
McAfee
Symantec
TrendMicro