Different antivirus software give different results with same suspect files

  • Thread starter: jbclem

jbclem

I do manual antivirus scanning with three or four different software. But I'm losing faith in all of them because the
results are so different...even in the rare event that they spot the same suspect file, they can't seem to get the name
of the virus right. One says one thing, the other something completely different. I often go online and try to find
information on a named virus (or trojan, or whatever) and usually can't find anything but a very sketchy few words such
as "yes this is a virus". Most of the time when I google a virus name the first 10-20 entries are those web sites that
try to convince you the end of the world is coming (via a virus) and you have to immediately use their web based scan.

I'm using Avast 4.7, Norton Corporate Antivirus, Solo Antivirus, AVG. Today a rare thing happened, two of the software
agreed that a certain file was a "virus". The problem was they each had a different identification for it...Norton
called it a "downloader", Avast said it's "Win32: Trojan-gen (Other)". Avast likes to use this designation a lot.

Is there a gold standard web site or software that is highly accurate...one that I could use to double check these flaky
results? Or do I have to create a new partition and OS just to test every suspicious file because I have no faith left
with these softwares? What a lot of time that's going to take!

jc
 
jbclem wrote:

What is with the excessively long 130-character lines? So why did you
change the default line length in Outlook Express from 76 to 130?

Not all newsreaders have a rewrap function (when replying to reformat to
shorter line length). Not everyone uses a newsreader that provides for
automatic linewrap, and having to scroll to the right or possibly end up
with truncated lines is a nuisance. All following lines were truncated
at 76 characters to show you what your post might look to someone else.
I do manual antivirus scanning with three or four different software. But I
results are so different...even in the rare event that they spot the same su
of the virus right. One says one thing, the other something completely diff
information on a named virus(or trojan, or whatever) and usually can't find
as "yes this is a virus". Most of the time when I google a virus name the
try to convince you the end of the world is coming (via a virus) and you hav

I'm using Avast 4.7, Norton Corporate Antivirus, Solo Antivirus, AVG. Toda
agreed that a certain file was a "virus". The problem was they each had a d
called it a "downloader", Avast said it's "Win32: Trojan-gen (Other)". Avas

Is there a gold standard web site or software that is highly accurate...one
results. Or do I have to create a new partition and OS just to test every s
with these softwares. What a lot of time that's going to take!

There is no international organization that is assigned the
responsibility for naming viruses or their variations. Each antivirus
vendor has their own detection and analysis lab, not just one facility
that they all pay and use together.

Using multiple partitions for separate instances of antivirus detection
will not alter that each vendor uses their own name, so you will still
be stuck with different names used by different antivirus vendors to
identify the same virus.

As for faith, that is a topic of more contentious newsgroups. If you
trusted someone to repair your car who was called John by himself but
found out he was called Red by his coworkers because of his hair color,
used Jalopy as his moniker in newsgroups, and found out his legal name
was Ian, would you lose faith in John aka Red aka Jalopy aka Ian to
repair your car?

"What's in a name? That which we call a rose
By any other name would smell as sweet."
(Juliet, in "Romeo and Juliet", by Shakespeare)
 
Thanks for the referral to Virus Total, that really helps in the determination. For example, the file I was most
concerned about was tagged by 23 of 38 antivirus machines, including most of the big name ones. That means a lot more
than another file that was mildly tagged by 8 of 38, none of which was a big name, and only five of which actually put
some kind of name to it (one actually called it "not a virus").

I wasn't so much concerned about the name disparity as I was by the complete lack of unanimity between antivirus
programs that I'd used. I'm also relieved to hear your opinion about Solo Antivirus, I liked it because it was so quick
but there may be a reason for that. Why is it you think it's worthless? How about some of the unknown (to me) machines
on Virus Total? Are there some that you pay more attention to than others?

jc
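
An added example, not part of the original thread, of the comparison discussed above: it takes one file's multi-scanner results and reports the detection ratio, which engines gave only a generic label, and which descriptive words two or more engines share even though their full names differ. The engines "EngineC" to "EngineE", their labels, and the GENERIC word list are constructed assumptions; only the Avast and Norton labels come from the thread.

```python
import re
from collections import Counter

# Assumed list of words that name a platform or a catch-all class, not a specific threat.
GENERIC = {"win32", "w32", "trojan", "gen", "generic", "other", "virus",
           "not", "a", "heur", "suspicious", "malware", "agent", "variant"}

# Constructed sample: engine -> label, None meaning "nothing found".
SAMPLE = {
    "Avast": "Win32: Trojan-gen (Other)",            # label quoted in the thread
    "Norton": "downloader",                          # label quoted in the thread
    "EngineC": "Trojan-Downloader.Win32.Example.a",  # hypothetical engine and label
    "EngineD": None,                                 # hypothetical engine, clean verdict
    "EngineE": "not a virus",                        # hypothetical engine and label
}


def tokens(label):
    """Lower-case a vendor label and split it on anything that is not a letter or digit."""
    return [t for t in re.split(r"[^a-z0-9]+", label.lower()) if t]


def summarize(results):
    """Summarize one file's verdicts without requiring the vendors' names to match."""
    flagged = {engine: label for engine, label in results.items() if label}
    shared = Counter()
    generic_only = []
    for engine, label in flagged.items():
        # Keep only the words that say something beyond "this is some kind of trojan".
        descriptive = {t for t in tokens(label)
                       if t not in GENERIC and not t.isdigit()}
        if descriptive:
            shared.update(descriptive)
        else:
            generic_only.append(engine)
    return {
        "ratio": (len(flagged), len(results)),        # e.g. 23 of 38 in the thread
        "generic_only": sorted(generic_only),         # engines with a catch-all label
        "shared_tokens": sorted(t for t, n in shared.items() if n >= 2),
    }


if __name__ == "__main__":
    print(summarize(SAMPLE))
```
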
 