Forum Support > Software Problems and Questions
Universal AV low detection
Petrovic:
Hi
--- Quote ---Currently, there are 11 antivirus engines in the Universal AV Server, namely Emsisoft, Avira, McAfee, Microsoft Security Essential, Eset, Bitdefender, AVG, Norman, Quick Heal, Total Defense and Clamwin.
--- End quote ---
7 files
https://www.virustotal.com/en/file/3eb95ac30a1b388e0e068d6583d51b5d34daa76e6c3c24ada979282dd3ef7ab1/analysis/
https://www.virustotal.com/en/file/a7b4c0a88af18f49498d824d4e0eb4ce43f64c78596787c05bd7ef181acaedf0/analysis/
https://www.virustotal.com/en/file/31fe0ebe3d702c3d8f7c3012ff48b2876e95da88e7eab4bbba2a33f64da065dc/analysis/
https://www.virustotal.com/en/file/784010d00b5a857e2d9d362d1223842bcba611738bf68be899b4add7999560ff/analysis/
https://www.virustotal.com/en/file/571e604343e24881bbc6ee2a57837a2e37e8d075b9e33ccf90326c5b13537cdc/analysis/
https://www.virustotal.com/en/file/0f5f56f148437ec9a0d5b4cf77d35be12cc136b7d892acf056d0a1c8248f602e/analysis/
These files have detection antiviruses in the Universal AV list.
What is the reason?
+
Submission of malware samples
https://secureaplusbeta.secureage.com/Beta2/betaportal_challenge_form.php
How else provide samples?
Thank you and have a excellent day!
Petr
Pedersen:
You scanned the files using ClamAV (local AV) not UAV... Thats the reason for your screenshot.
The rest will be detected within an hour or when you execute them (UAV upload them for sample files)
Yuki:
Or you can make complete scan to manually scan them with UAV.
(make sure they're not in the excluded folder before scanning)
But I once found some samples detected in VT are not detected by UAV, though it includes same engine which detected the sample in VT.
I don't know whether it was fixed, sinlam said it was not issue but I don't know what this exactly means.
Petrovic:
--- Quote from: Pedersen on July 30, 2014, 09:48:37 AM ---You scanned the files using ClamAV (local AV) not UAV...
--- End quote ---
ClamAV off
This should not affect the detection through the cloud
--- Quote from: Yuki on July 30, 2014, 10:58:50 AM ---Or you can make complete scan to manually scan them with UAV.
--- End quote ---
)))
Samples should be detected immediately and not after an hour or more
Another example of:
http://malwaretips.com/threads/2014-07-30-17.30873/#post-235380
It turns out if you turn off ClamAV - Universal AV practically useless when detected samples?
Detection of an hour)))
This is bad :o
sinlam:
--- Quote from: Petrovic on July 30, 2014, 07:21:39 AM ---Hi
7 files
--- End quote ---
Universal AV only detects 1 out of 7 files. This is most probably because we don't have the sample files for the rest of the 6 files.
--- Quote from: Petrovic on July 30, 2014, 07:21:39 AM ---
https://www.virustotal.com/en/file/3eb95ac30a1b388e0e068d6583d51b5d34daa76e6c3c24ada979282dd3ef7ab1/analysis/
https://www.virustotal.com/en/file/a7b4c0a88af18f49498d824d4e0eb4ce43f64c78596787c05bd7ef181acaedf0/analysis/
https://www.virustotal.com/en/file/31fe0ebe3d702c3d8f7c3012ff48b2876e95da88e7eab4bbba2a33f64da065dc/analysis/
https://www.virustotal.com/en/file/784010d00b5a857e2d9d362d1223842bcba611738bf68be899b4add7999560ff/analysis/
https://www.virustotal.com/en/file/571e604343e24881bbc6ee2a57837a2e37e8d075b9e33ccf90326c5b13537cdc/analysis/
https://www.virustotal.com/en/file/0f5f56f148437ec9a0d5b4cf77d35be12cc136b7d892acf056d0a1c8248f602e/analysis/
These files have detection antiviruses in the Universal AV list.
What is the reason?
--- End quote ---
You have quarantined the file, that is detected as virus, so left only 6 files, which was not detected by Universal AV as virus because it does not have the sample yet.
--- Quote from: Petrovic on July 30, 2014, 07:21:39 AM ---+
Submission of malware samples
https://secureaplusbeta.secureage.com/Beta2/betaportal_challenge_form.php
How else provide samples?
--- End quote ---
For samples bigger than 10 MB, you can upload via ftp to ftp://beta.secureaplus.com/challenge/<user_id>. <user_id> is your login id for SecureAPlus Beta Portal. Thank you so much and we do need a lot of samples as we are in the midst of collecting them :)
Navigation
[0] Message Index
[#] Next page
Go to full version