Re: Av issues

[Thierry Zoller <Thierry () sniff-em com>]

Dear list,

Interesing findings:
Different results with different variants
------------------------------------------------
visitbipin () yahoo com posted this POC (over FD)
http://www.geocities.com/visitbipin/test_nav.zip

AntiVir              : Eicar-Test-Signature
Avast                : EICAR Test-NOT!!
AVG Antivirus        : EICAR_Test
BitDefender          : EICAR-Test-File
ClamAV               : No viruses found
Dr.Web               : EICAR Test File
F-Prot Antivirus     : No viruses found
Fortinet             : No viruses found
Kaspersky Anti-Virus : EICAR-Test-File
mks_vir              : Eicar.Test (probable variant)
NOD32                : No viruses found
Norman Virus Control : No viruses found

---------------------------------------------------
visitbipin () hotmail com posted this POC
http://www.geocities.com/visitbipin/gpbf.zip

AntiVir              : No viruses found
Avast                : EICAR Test-NOT!!
AVG Antivirus        : EICAR_Test
BitDefender          : EICAR-Test-File (not a virus)
ClamAV               : Eicar-Test-Signature
Dr.Web               : EICAR Test File (NOT a Virus!)
F-Prot Antivirus     : No viruses found
Fortinet             : EICAR_TEST_FILE
Kaspersky Anti-Virus : No viruses found
mks_vir              : No viruses found
NOD32                : Eicar test file
Norman Virus Control : No viruses found


Interesting note:
Kaspersky detects only 1 out of 2 variants
AntiVir detects only 1 out of 2 variants
ClamAV detects only 1 out of 2 variants
mks_vir detects only 1 out of 2 variants
Fortinet detects only 1 out of 2 variants
NOD32 detects only 1 out of 2 variants

FPROT detects 0 out of 2 variants
Norman Virus Control detects 0 out of 2 variants

--
Thierry Zoller
mailto:Thierry () sniff-em com


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://www.secunia.com/