Anti-Virus Comparative - Appendix – February 2011 www.av-comparatives.org
Details about Discovered False Alarms
Appendix to the Anti-Virus Comparative February 2011
Language: English February 2011 Last Revision: 29th March 2011 www.av-comparatives.org
- 1 - Anti-Virus Comparative - Appendix – February 2011 www.av-comparatives.org
Details about the discovered false alarms
With AV testing it is important to measure not only detection capabilities but also reliability - one of reliability aspects is certainly product's tendency to flag clean files as infected. No product is immune from false positives (FP’s) but there are differences among them and the goal is to measure them. Nobody has all legitimate files that exist and so no "ultimate" test of FP’s can be done. What can be done and is reasonable, is to create and use a set of clean files which is independent. If on such set one product has e.g. 50 FP’s and another only 10, it is likely that the first product is more prone to FP’s than the other. It doesn't mean the product with 10 FP’s doesn't have more than 10 FP’s globally, but important is the relative number.
All listed false alarms were reported and sent to the Anti-Virus vendors for verification and should now be already fixed. False alarms caused by unencrypted data blocks in Anti-Virus related files were not counted. If a product had several false alarms belonging to the same software, it is counted here as only one false alarm. Cracks, keygens, etc. or other highly questionable tools, as well as FP’s distributed primary by vendors or other non independent sources are not counted here as False Positives. A separate test evaluating the FP occurrence on clean files distributed by vendors as malware inside malware collections may be done in future.
In order to give more information to the users about the false alarms, we try to rate the prevalence of the false alarms. Files with valid digital signatures are considered more important. Due that, a file with e.g. prevalence “level 1” and a valid digital signature gets upgraded to next level (e.g. prevalence “level 2”).
The prevalence is given in 5 categories and labeled with the following colors: Level Presumed number of affected users1 Comments 1 Probably fewer than hundred users Individual cases, old or rarely used files, unknown prevalence 2 Probably some hundreds of users Initial distribution of such files was probably higher, but current usage on actual systems is lower (despite its presence), 3 Probably some thousands of users that’s why also well-known software may now affect / have only 4 Probably tens of thousands (or more) a prevalence of some hundreds or thousands of users. of users 5 Probably hundreds of thousands (or Such cases are likely to be seen very less frequently in a false more) of users alarm test done at a specific time, as such files are usually either whitelisted or would be noticied and fixed very fast. We do not even give an own category for cases which affect several millions of users.
Most false alarms will probably most of the times fall into the first two levels. In our opinion Anti- Virus products should not have false alarms on clean files despite how many users are affected by them. While AV vendors play down the risk of false alarms and play up the risk of malware, we are not going to rate products based on what the supposed prevalence of false alarms is. We already allow a certain amount (15) of false alarms inside our clean set before we start penalizing scores and in our opinion products which produce a higher amount of false alarms are also more likely to produce false alarms on more prevalent files. The prevalence data we give about clean files is just for informational purpose. The listed prevalence can differ inside the report depending on which file / version the false alarm occurred.
1 If all users would have used the Anti-Virus product causing the false alarm at that time.
- 2 - Anti-Virus Comparative - Appendix – February 2011 www.av-comparatives.org
Some products using third-party engines/signatures may have fewer or more false alarms than the licensed engine has by its own, e.g. due different internal settings implemented, the additional checks/engines/clouds/signatures, whitelist databases, time delay between the release of the original signatures and the availability of the signatures for third-party products, additional QA of signatures before release, etc.
False Positives (FPs) are an important measurement for AV quality. One FP report from a customer can result in large amount of engineering and support work to resolve the issue. Sometimes this can even lead to important data loss or system unavailability. Even “not significant” FPs (or FP’s on old applications) deserve mention and attention because FPs are likely to be a result of principled rule detections. It just happened that the FP was on an insignificant file. The FP possibility is probably still in the product and could FP again on a more significant file. Thus, they still deserve mention and still deserve penalty.
Below you will find the false alarms we observed in our independent set of clean files. Red entries highlight false alarms on files with valid digital signatures.
McAfee
McAfee had zero false alarms over our set of clean files.
Microsoft False alarm found in some parts of Detected as Supposed prevalence SunnyBall package TrojanDownloader:Win32/Troxen!rts
Security Essentials had 1 false alarm.
BitDefender False alarm found in some parts of Detected as Supposed prevalence Schachermayer package Trojan.Generic.KDV.81886
StarOffice package Dropped:Trojan.Zlob.2.Gen
TwitterReader package Trojan.Generic.4990283
Bitdefender had 3 false alarms. eScan False alarm found in some parts of Detected as Supposed prevalence Schachermayer package Trojan.Generic.KDV.81886
StarOffice package Dropped:Trojan.Zlob.2.Gen
TwitterReader package Trojan.Generic.4990283
eScan had 3 false alarms.
F-Secure False alarm found in some parts of Detected as Supposed prevalence Schachermayer package Trojan.Generic.KDV.81886
StarOffice package Dropped:Trojan.Zlob.2.Gen
TwitterReader package Trojan.Generic.4990283
F-Secure with default settings had 3 false alarms.
- 3 - Anti-Virus Comparative - Appendix – February 2011 www.av-comparatives.org
Sophos False alarm found in some parts of Detected as Supposed prevalence Outpost package Mal/Generic-L ParentsFriend package Mal/Behav-141
PosterForge package Mal/Generic-L
TeaTimer package Mal/EncPk-MR
Sophos had 4 false alarms with default settings.
AVIRA False alarm found in some parts of Detected as Supposed prevalence BestMovie package DR/Agent.ezcq
Deluxanoid package DR/Click.VBiframe.cxo
FarCry package TR/PSW.VB.cci
Miranda package TR/Gendal.232945
No23Recorder package TR/Horse.FPS
OrepcLook package TR/Dropper.Gen
SuperiorSearch package TR/ATRAPS.Gen2
TinyFW package TR/Rootkit.Gen
Virweed package TR/Spy.Delf.kqw
AVIRA had 9 false alarms.
PC Tools False alarm found in some parts of Detected as Supposed prevalence CodecPaket package Trojan.Gen
EasyBurning package Trojan.Gen
FotoWorks package HeurEngine.Packed-Morphine
GetIt package Trojan.ADH
Lazarus package HeurEngine.Vuntid
Miranda package HeurEngine.ZeroDayThreat
No23Recorder package Trojan.Generic
PDFExplorer package Trojan.Generic
PhoCalc package Trojan.AntiAV!ct
Virweed package Trojan.Gen
PC Tools had 10 false alarms.
Symantec False alarm found in some parts of Detected as Supposed prevalence AudioCDArchiv package Trojan.Gen
CDDVDBurning package Suspicious.Cloud.AM
EasyBurning package Trojan.Gen
GetIt package Trojan.ADH.2
Lazarus package Packed.Vuntid!gen1
LogMeIn package Trojan.Gen No23Recorder package Trojan Horse
PDFExplorer package Trojan Horse
PhraseExpress package Trojan.Gen
VideoTool package Trojan.Gen
Virweed package Trojan.Gen
Symantec Norton Anti-Virus had 11 false alarms.
- 4 - Anti-Virus Comparative - Appendix – February 2011 www.av-comparatives.org
Kaspersky False alarm found in some parts of Detected as Supposed prevalence ChangRes package HEUR:Trojan.Win32.Generic
ClipGrabXP package HEUR:Trojan.Win32.Generic
CPUkue package Trojan-GameThief.Win32.Lmir.oyl
DeltaForce package Backdoor.Win32.DsBot.dgd MapleXP package Trojan-Dropper.Win32.Agent.djsx
PowerStrip package Trojan-Banker.Win32.Banz.gli TweakPower package Trojan.Win32.Agent.dzug
TweakXP package HEUR:Trojan.Win32.Generic
Virweed package Trojan-Spy.Win32.Delf.kqw
WaveKnife package Trojan-Banker.Win32.Agent.boy
WinPower package Type_Win32
XPUserManager package Trojan-Downloader.Win32.Banload.bhdf
Kaspersky had 12 false alarms.
TrustPort False alarm found in some parts of Detected as Supposed prevalence AfrikaKorps package Generic2.RPC
Aspell package Downloader.Obfuskated
Foobar package Generic18.CBNR
IrfanView package Generic20.BTUZ ITMarken package Generic20.CPHH
Schachermayer package Trojan.Generic.KDV.81886
StarOffice package Dropped:Trojan.Zlob.2.Gen
Start package Agent2.BSCE
TotalNetworkInventory package Generic_c.RSB
TwitterReader package Trojan.Generic.4990283
WinFlip package Downloader.Swizzor.QPK
WinTk package Script/Exploit
TrustPort had 12 false alarms.
K7 False alarm found in some parts of Detected as Supposed prevalence Anti-Trojan package Trojan
BitComet package Trojan-Downloader BSPlayer package Trojan
DirectX package Trojan Langenscheidt package Trojan
PeIMG package Trojan
PowerStd package Trojan
SMPlayer package Trojan
Softwin package Trojan
Tetrix package Virus Uninstaller package Trojan VistaCleaner package Trojan
WinFAQ package Trojan
Zattoo package Trojan
K7 had 14 false alarms.
- 5 - Anti-Virus Comparative - Appendix – February 2011 www.av-comparatives.org
AVG False alarm found in some parts of Detected as Supposed prevalence AdNuke package Win32/DH.AA54534F48
Aspell package Downloader.Obfuskated
BlueFish package Win32/Heur
ClipInc package Generic17.BAEW
DriverGenius package Dropper.VB.CLN
Foobar package Generic18.CBNR
IrfanView package Generic20.BTUZ ITMarken package Generic20.CPHH
PostGuard package Generic17.COF
SKScd package Generic8.GRW
Start package Agent2.BSCE
TotalNetworkInventory package Generic_c.RSB
UltraDVD package Downloader.Generic8.FHQ
WinFlip package Downloader.Swizzor.QPK
WinTk package Script/Exploit
AVG had 15 false alarms.
Panda False alarm found in some parts of Detected as Supposed prevalence AntiKeylogger package Trj/Lineage.LKK
AudioVideo2Exe package Trj/Pupack.A
CDDVDBurner package Trj/Pupack.A
DupeWiper package Trj/Pupack.A
EasyBurning package Trj/Pupack.A
GIRC package Trj/CI.A
GUIPDFtk package Trj/Pupack.A
No23Recorder package Malicious Packer
RealTek package MtE.A.drp
RouterSyslog package Trj/Pupack.A
SafetyNet package W32/Leave.L.worm
SimplyZip package Trj/Pupack.A
SPSS package Exploit/PDF.Gen.B
TightVNC package Trj/Vencil.B
T-Mobile package Generic Trojan
Tuning package Trj/CI.A
Win7PELoader package Generic Malware
WinRTG package Generic Trojan
Panda had 18 false alarms.
G DATA False alarm found in some parts of Detected as Supposed prevalence AdAware package Win32:Malware-gen
BewerbungsMaster package Win32:Malware-gen
CodePaket package Win32:Malware-gen
DiaShowPro package Win32:Dropper-CMZ
FileUtilities package Win32:Trojan-gen
GZ package INF:AutoRun-gen2
- 6 - Anti-Virus Comparative - Appendix – February 2011 www.av-comparatives.org
Luxor package Win32:Malware-gen
Schachermayer package Trojan.Generic.KDV.81886
StarOffice package Dropped:Trojan.Zlob.2.Gen
T-Mobile package Win32:Malware-gen
TrueCrypt package INF:AutoRun-BJ
TweakPower package Win32:Malware-gen
TwitterReader package Trojan.Generic.4990283
VideoTool package Win32:Malware-gen
Virweed package Win32:Malware-gen
WinAAM package Win32:Morphex
WinTuningSuite package INF:AutoRun-gen2 zTapeDump package Win32:Malware-gen
G DATA had 18 false alarms.
Avast False alarm found in some parts of Detected as Supposed prevalence AdAware package Win32:Malware-gen
AutoPlay package INF:AutoRun-gen
Bewerbungsmaster package Win32:Malware-gen
CodecPaket package Win32:Malware-gen
Dacris package Win32:Trojan-gen
DiaShowPro package Win32:Dropper-CMZ
FileUtilities package Win32:Trojan-gen
GZ package INF:AutoRun-gen2
Luxor package Win32:Malware-gen
OfficeSlipstreamer package AutoIt:Dropper-A
RTF2HTML package Win32:JunkPoly-E
SuperRAM package Win32:Banbra-AAI
T-Mobile package Win32:Malware-gen
TrueCrypt package INF:AutoRun-BJ
TweakPower package Win32:Malware-gen
Virweed package Win32:Malware-gen
WinAAM package Win32:Morphex
WinTuningSuite package INF:AutoRun-gen2 zTapeDump package Win32:Malware-gen
Avast had 19 false alarms.
ESET False alarm found in some parts of Detected as Supposed prevalence ActivePixels package Win32/Statik.01
AppBooster package Win32/Packed.Themida FotoWorks package Win32/Packed.GHFProtector.A
GoogleFilter package Win32/Injector.DWU trojan
GSA package Win32/Packed.Themida
KidKey package Win32/Agent.PUASDU trojan
Legend package Win32/Statik.01
MailExaminer package Win32/Statik.01
Masker package Win32/Genetik trojan
PostGuard package Win32/Genetik trojan
- 7 - Anti-Virus Comparative - Appendix – February 2011 www.av-comparatives.org
qvPDF package Win32/Genetik trojan
RichtigMathe package Win32/Packed.MoleboxUltra
SecureEraser package NewHeur_PE virus Settler package Win32/Packed.PECrypt32.A
StereoscopicPlayer package Win32/Packed.Themida
TotalNetworkInventory package Win32/IRCBot.BXAYOUZ trojan
TweakPower package Win32/Agent.GAFSUZH trojan
Virweed package Win32/Spy.Delf.EHAXEBG trojan
Wippien package Win32/Genetik trojan
XPWinExit package Win32/Injector.DVA trojan
ESET NOD32 had 20 false alarms.
Webroot False alarm found in some parts of Detected as Supposed prevalence 3DScreensaver package Mal/Generic-A
AcousticaMP3 package Mal/Generic-A
AdNuke package Mal/Generic-A
AntiSpamware package Mal/Behav-034
AutoStartAdmin package Mal/Generic-A
BMKBuddy package Mal/Generic-A
CDDVDBurner package Mal/Generic-A
EasyBurning package Mal/Generic-A
Ewido package Mal/Generic-A
GPSPhoto package Mal/Generic-A
IceSword package Mal/Generic-A
Miranda package Mal/EncPk-BW
MultiInstall package Mal/Generic-A
OutlookSpamBully package Mal/Behav-058
PlainPaste package Mal/Generic-A
PosterForge package Mal/Generic-L
RAIDE package Mal/Generic-A
RegCool package Mal/Generic-A
SpamAware package Mal/Generic-A
TeaTimer package Mal/Generic-A
TrendMicro package Mal/DocDrop-A
VideoExpress package Mal/Generic-A
Webroot had 22 false alarms. Webroot is a new entry in our tests – due that, it is to expect that their number of false alarms will be lower next time.
Qihoo False alarm found in some parts of Detected as Supposed prevalence AfrikaKorps package Win32/Trojan.860
Ahnenforscher package Gen:Trojan.Heur.VP.jm3@aCh9Y6A
Audio package HEUR/Malware.QVM05.Gen Autorota package ????????????
BackRTF package HEUR/Malware.QVM03.Gen
Bikerace package Win32/Trojan.881
BootStar package Win32/Trojan.Dropper.55c
CATPatch package Gen:Trojan.Heur.mAW@IirPKwqi
- 8 - Anti-Virus Comparative - Appendix – February 2011 www.av-comparatives.org
CDDVDBurning package HEUR/Malware.QVM12.Gen
CDImageConverter package ????????????
ClamWin package Win32/Trojan.Generic.25b
CorelDraw package ????????????
Cubase package ????????????
DaxChart package Win32/Trojan.5f5
DiaShow package ????????????
DriveScribe package Win32/Trojan.Hack.f51
DVDBoss package ???????????? DZip package Gen:Trojan.Heur.UT.gmW@bKZeeIei
Easy package Gen:Trojan.Heur.lu0@YMs3Pvs
EFCommander package Win32/Trojan.881
ESET package Trojan/Win32.lssj.2cc.rgrk Ewido package W32/Tufik.C eXe package Script/Trojan.0e1 FireStarter package ????????????
FolderLock package Win32/Trojan.Hack.a6c
FreeZip package Win32/Trojan.53e
GifSplitter package Win32/Trojan.881
GlaryUtilities package ????????????
Gnumeric package Win32/Trojan.38e
GoneIn60s package Win32/Troj.Elite.a
Groowe package HEUR/Malware.QVM19.Gen
HDCleaner package Win32/Trojan.881
HellCarrier package Trojan-Spy/Win32.DiabloKeys.21
HiddenFinder package ????????????
Highlight package Win32/Trojan.881
Hitman package Win32/Trojan.6bc
HPRestore package ???????????? IllusionHope package ????????????
IrfanView package ???????????? Jetico package ????????????
Jogger package ????????????
JStart package Win32/Trojan.881 Kasch package ????????????
Lilypond package Gen:Trojan.Heur.FU.iCZ@aeqi9dli
Master package HEUR/Malware.QVM02.Gen
MaxTrayPlayer package ????????????
MaxxPi package HEUR/Malware.QVM17.Gen
MS IntelliPoint package ????????????
MS Internet Explorer package HEUR/Malware.QVM03.Gen MS Windows 2000 package ???????????? MS Windows 95 package Win32/Trojan.4e1 MS Windows 98 package ???????????? MS Windows ME package ???????????? MS Windows NT package ???????????? MS Windows XP package Trojan.Generic
MyGames package HEUR/Malware.QVM11.Gen
MySpaceMusic package Win32/Trojan.b1f
No23Recorder package Trojan/Win32.Generic.51E9FC3A
NokiaFree package HEUR/Malware.QVM18.Gen Norton package Trojan.Generic
- 9 - Anti-Virus Comparative - Appendix – February 2011 www.av-comparatives.org
NotebookHardwareControl package Gen:Rootkit.Heur.kvZ@gSpDnzm
Notepad2 package ????????????
NumbersMemory package Gen:Trojan.Heur.em0@dT3bQrli
Pamela package Win32/Trojan.dbf
Particles package Win32/Trojan.931
PDFExplorer package Win32/Trojan.6e5
PerfectExpert package ????????????
PhoCalc package Win32/Constructor.5fa
PhotoMatix package Win32/Worm.622
PortableApps package Win32/Trojan.Agent.000 PrefetchClean package ???????????? Putty package Win32/Worm.2fe
Radix package Trojan.win32.dbb.rgrk
RadTools package Win32/Trojan.b7f
RMailDemo package Win32/Trojan.7c5
Schachermayer package Trojan.Generic.KDV.81886
ShowShifter package HEUR/Malware.QVM20.Gen Stammbaum package ????????????
StarOffice package Dropped:Trojan.Zlob.2.Gen
StartPatrol package Gen:Trojan.Heur.JOWavDCtpttkn
Stripper package Win32/Trojan.cc1
StrokeIt package HEUR/Malware.QVM11.Gen
SystemWiper package Generic.Malware.SN!.A050E1A2
Topola package Win32/Trojan.Hack.00b
Toppler package Win32/Trojan.b7f
TotalNetworkInventory package Trojan.Generic.1607609
TransMac package Win32/Backdoor.BO.5fa
TransXP package HEUR/Malware.QVM38.Gen
TrendMicro package Win32/Trojan.b7f
TVTool package ????????????
Tweaki package Gen:Variant.VBKrypt.0008
TwitterReader package Trojan.Generic.4990283
Urlaubstichtag package ????????????
USBDriveLetter package ???????????? uTorrent package Win32/Trojan.aa0
UVJoiner package Win32/Trojan.7a7
Video2Brain package ????????????
Virweed package Backdoor.Generic.507456
VSOInspector package Win32/Trojan.708
WinBoard package Generic/Win32.Malware.un
WinRAR package Win32/Trojan.Chifrax.733 xCAT package ????????????
XnView package ????????????
ZipGenius package HEUR/Malware.QVM06.Gen
Qihoo had 104 false alarms. Qihoo is a new entry in our tests – due that, it is to expect that their number of false alarms will be lower next time.
- 10 - Anti-Virus Comparative - Appendix – February 2011 www.av-comparatives.org
Trend Micro False alarm found in some parts of Detected as Supposed prevalence 123Backup package TROJ_GEN.US01AT
2H4U package TSPY_ONLINEG.MCS
3DMuehle package TROJ_GEN.R3EH1H5
Abilon package TROJ_Generic.DIT
ActiveKeys package TROJ_GEN.R47H1KB
ActiveSmart package TROJ_GEN.R47H1LE
AdAware package TROJ_GEN.USE00KF
AdminStick package TROJ_Generic.DIT
AdobeReader package TROJ_Gen.XZ33A0 AdvancedWMA package Mal_Xed-22
AnchorFree package TROJ_Generic.DIT AnyVideoConverter package TROJ_GEN.F27B5HG
AppSnap package TROJ_Generic.DIT
AppUpdater package TROJ_GEN.R47H1JU
Areca package TROJ_Generic.DIT
Armagetron package TROJ_Generic.DIT ASUS package TROJ_GEN.R47H1B4 Atol package TROJ_Generic.DIT
ATV2000 package TROJ_GEN.USA20HO
Audiggle package TROJ_GEN.US01VT
AudioVideo2Exe package Cryp_Mangled
Auklook package TROJ_Generic.DIT
Auralog package TROJ_Generic.DIT
AutoFeedback package Possible_Virus
Autorota package TROJ_GEN.R23B1GJ
AutoRun package TROJ_Generic.DIT
AutostartAdmin package TROJ_GEN.F4AB5HU
Avira package TROJ_GEN.R44H1HK AVSDVDPlayer package TROJ_GEN.R01H1K8 BackupFox package TROJ_Gen.XZ33A0 Baeume package TROJ_GEN.R05H1LM
BDRebuilder package TROJ_Generic.DIT
Benchmark package TROJ_GEN.R47H1AB
BenQ package TROJ_GEN.US01WT BlazeDVD package TROJ_Generic.DIT
BleibCool package TROJ_GEN.UAC261X
BlogBridge package TROJ_GEN.US00HT
BonkEnc package TROJ_GEN.F27B5HG BoxIt package TROJ_GEN.USL14HO BSPlayer package TROJ_Generic.SFB
BxAutoZip package TROJ_Gen.RZ3090
CamSpace package TROJ_GEN.R05B1KG CapTest package TROJ_Generic.DIT
CCleaner package TROJ_Generic.DIT
CDDVDBurning package TROJ_GEN.R4FH1AN
CheckDisk package TROJ_GEN.R47FFH2 ClickExe package TROJ_Generic.DIT
ClipBoardHelp package TSPY_ONLINEG.MCS
CloneCD package TROJ_GEN.USE00KF
CodecPaket package TROJ_Generic.SFB
- 11 - Anti-Virus Comparative - Appendix – February 2011 www.av-comparatives.org
ComGetter package TROJ_GEN.USE00FF
CommTest package TROJ_GEN.R47H1LI
ConvertAll package TROJ_Generic.DIT CoolPlayer package TROJ_GEN.R47H1KQ
Coop package TROJ_GEN.RB3H1LI
CPUControl package TROJ_Generic.DIT
CPUz package TROJ_GEN.R99H1BH
CrazyWords package TROJ_Gen.CX07U6
CreativeLabs package TSPY_ONLINEG.MCS CS4eBook package TROJ_GEN.R47B1KE
Deadlink package TROJ_GEN.R99H1BR
DefragProfessional package TROJ_GEN.US031T
DelHistory package TROJ_GEN.USE00FF
DeltaForce package TROJ_GEN.R4CH1HI Deluxanoid package TROJ_GEN.R47B1JL
DFend package TROJ_Generic.DIT
DiaShow package TROJ_GEN.R4CH1KR
DigiDesign package TROJ_Generic.DIT
DiskCleaner package TROJ_Generic.DIT
DiskInvestigator package TROJ_Generic.DIT DOSBox package TROJ_Generic.DIT DownTester package TROJ_GEN.R44H1A5
DownTube package TROJ_GEN.R47H1LI
DriveLed package TROJ_GEN.R47H1A3
DriverCleaner package TROJ_Generic.DIT
DriveScan package TROJ_GEN.R4FH1BF
DVBSource package TROJ_GEN.R99H1AJ
DVRStudio package TROJ_GEN.USB10HO Emsisoft package TROJ_Generic.ADV
EraserVerify package TROJ_GEN.R34H1A4
Everything package TROJ_GEN.USL09HO
Ezanole package TROJ_Generic.DIT
FBReader package TROJ_Generic.DIT
Ferrari360 package TROJ_GEN.R99H1AH
FileAnalyser package TROJ_Generic.DIT
FileHasher package TROJ_GEN.R29H1LI FileZilla package TROJ_GEN.R99H1B6 Firefox package TROJ_GEN.US026T FlipBookPrinter package TROJ_Gen.CX15U3
FolderLock package TROJ_GEN.R37H1LK
FotoMosaik package TROJ_Generic.DIT Fping package TROJ_GEN.USE00FF
FreeOCR package TROJ_GEN.R42H1KK FreePDF package TROJ_Generic.DIT FunnyTetrix package TROJ_GEN.R4CH1JR
GelbeSuche package TSPY_ONLINEG.MCS
GetIt package TROJ_GEN.RBDH1A4
GetNext package TROJ_Gen.MZ40L8
GIMP package TROJ_Gen.RZ3093 GIRC package TROJ_GEN.R99H1BM
GliBlock package TROJ_GEN.R47H1JS
Gmer package TROJ_GEN.R4CH1HO
- 12 - Anti-Virus Comparative - Appendix – February 2011 www.av-comparatives.org
Gothic2 package TROJ_GEN.R47H1KF
Guardian package TROJ_GEN.US01JT
GuiPdfTk package TROJ_GEN.R47H1L3
HaloThird package TROJ_GEN.R05B1BM
Hauppage package TROJ_AGENT.MCS
HDCleaner package TROJ_GEN.US018T HDConvert package TROJ_Gen.CX12C8
HDPowerwash package TROJ_Gen.LZ40J1
HDWasher package TROJ_Generic.DIT
Helios package TROJ_GEN.F9BB5IT
HideFiles package TROJ_GEN.R47H1K8
HomepageGuard package TROJ_GEN.R99H1AQ
HPDeskJet package TROJ_GEN.USL23HO
HPRestore package TROJ_GEN.US02WT
IconHider package TROJ_Gen.4X0967
IconXtractor package TROJ_GEN.R42H1BH
IDA package TROJ_GEN.R1CH1LI iPodSupport package TROJ_GEN.USE00KF
IrfanView package TROJ_GEN.RFFH1L9 iTunesGenreArtManager package TROJ_GEN.R47H1H7
JkDefrag package TROJ_GEN.RFFH1BP JStart package TROJ_GEN.RFFH1B8
Kaspersky package TROJ_GEN.F43C6JS KeyboardNetworkLeds package TROJ_GEN.R47FFH3
KidRocket package TROJ_Generic.DIT
Kohan package TROJ_Gen.0Z33B7
Kontinente package TROJ_GEN.RFFH1BL Launcher package TROJ_Generic.DIT
Lazarus package TROJ_GEN.R47H1I2
Lightscreen package TROJ_GEN.R4FH1BD Lingoes package TSPY_ONLINEG.MCS
LockOn package TROJ_Generic.DIT
Mailwasher package TROJ_GEN.R74H1L3
MalwareBytes package TROJ_GEN.R3EH1LB MapleXP package TROJ_GEN.R47H1KA
Matrox package TROJ_APPINIT.MCS MauMau package TROJ_GEN.US00OT MaxView package BKDR_Generic.DIT
MaxxPi package TROJ_GEN.USA19HO
MediaConverter package TROJ_GEN.R4CH1B5 Mediaportal package TROJ_Generic.DIT Messenger package TROJ_GEN.US02GT Miranda package TROJ_Gen.RZ3093
MKV2VOB package TROJ_Generic.DIT MKVtoolnix package TROJ_GEN.R23FFH4 MobileNavigator package TROJ_Generic.DIT MojoPac package TROJ_GEN.US02ST Movica package TROJ_GEN.USK22HO
Movienizer package TROJ_Gen.CX15U3
MoviePlayer package TROJ_Generic.DIT
MoWeS package TROJ_Generic.DIT
MP3DirectCut package TROJ_GEN.R47H1JU
- 13 - Anti-Virus Comparative - Appendix – February 2011 www.av-comparatives.org
MpegValid package TROJ_GEN.R4CH1HS
MSI package TROJ_GEN.RB3H1JR
MSIWlan package TROJ_GEN.R2FH1HR MSVisualC package TROJ_Generic.DIT MyLastSearch package TROJ_GEN.F4AB5HI
MyMDb package TROJ_GEN.R47H1LP
MythicBlades package TROJ_GEN.USA25HO
Nero package TROJ_GEN.F27B5HE Nmap package TROJ_Gen.XZ33A0
No23recorder package TROJ_Gen.XZ33A0
Notepad2 package TROJ_GEN.RFFH1AN NotMad package TROJ_GEN.R3BH1AD
OfficePack package TROJ_GEN.R4CH1LI
Omnimo package TROJ_GEN.R47H1JA
OpenWith package TROJ_GEN.RB4H1K2 OperaTor package TROJ_GEN.R21FFH3
ORePClook package TROJ_GEN.US01VT
OriensEnhancer package TROJ_Generic.DIT
PacManiac package TROJ_GEN.R2FH1H6
Panel package TSPY_ONLINEG.MCS
PaperlessPrinter package TROJ_GEN.F27B5HG
PassBild package TROJ_GEN.USE00UF
PaxGalaxia package TROJ_GEN.R99H1B8
PCGames package TROJ_Generic.DIT PCW package TROJ_GEN.R4FH1L5
PDFSplit package TROJ_GEN.R47H1KB PeaZip package TROJ_Generic.DIT
PEBuilder package TROJ_GEN.USBRH26
PEiD package TROJ_GEN.R47FFH3
PENetwork package TROJ_GEN.R47H1JT
PersonalDesktop package TROJ_Generic.DIT
PhoCalc package TROJ_GEN.USHRH30
PhotoLine package TROJ_GEN.USBRH26
PhotoLinker package TROJ_Gen.XX15U3
PhotoMatix package TROJ_Generic.DIT
PhotoResizer package TROJ_Generic.DIT PictureShark package TROJ_Gen.CZ33J8 Pidgin package TROJ_GEN.US02GT PlainPaste package TROJ_GEN.RFFFFH2
PocketPC package TROJ_Generic.DIT
PortableApps package TROJ_Generic.DIT PosteRazor package TROJ_Generic.DIT
PowerDirector package TROJ_GEN.R99H1BP
Qemu package TROJ_GEN.US00NT Quicken package TROJ_GEN.R47H1KH
QuickSilver package TROJ_Generic.DIT
R8Brain package TROJ_GEN.USI09HO
Rainlendar package TROJ_GEN.USE00FF
RecursivePeIMG package TROJ_GEN.R47H1JR
Rmaa package TSPY_ONLINEG.MCS
RoboForm package TROJ_Generic.DIT
RTF2HTML package TROJ_GEN.R99H1BF
- 14 - Anti-Virus Comparative - Appendix – February 2011 www.av-comparatives.org
RTP package TROJ_GEN.R1CH1HC SAD package TROJ_Generic.DIT
SafeNSec package TROJ_GEN.USD0BJ SafetyNet package TROJ_GEN.R47H1K9
SafeXP package TROJ_GEN.R47H1JL
Schachermayer package TROJ_GEN.R47H1AA
Schwimmen package TROJ_GEN.R47H1K9
ScientistSlaughter package TROJ_GEN.US031T
Scite4AutoIt package TROJ_GEN.R4CH1KQ
Scratch package TROJ_Generic.DIT SecretMaker package TROJ_GEN.R2FH1HK
ShadowExplorer package TROJ_Generic.DIT Siedler package TROJ_GEN.R47H1AD
SimplyZip package TROJ_GEN.R47H1L5
SmartNTFSRecovery package TROJ_GEN.US025T
SopChast package TROJ_GEN.R49FFH3 SplitF package TROJ_GEN.R44H1HT
SPSS package TROJ_Gen.MZ40L8 SpyAd package TROJ_Gen.CX15U3
SpyDetector package TROJ_GEN.R47H1LI
SpySweeper package TROJ_GEN.R47H1LI
SSM package TROJ_Generic.ADV
StationRipper package TROJ_GEN.F27B5HA
Steeper package TROJ_GEN.US00ZT
StickSecurity package TROJ_GEN.R44FFH3
SudokuPortable package TROJ_GEN.USCDI21 SumatraPDF package TROJ_GEN.R47H1KU Super package TROJ_GEN.R4FH1BC
SuperCopier package TROJ_GEN.R47H1AI T-Mobile package TROJ_GEN.R99H1BF
TagRunner package TROJ_GEN.USL29HO
TaskCoach package TROJ_Generic.DIT TaskKill package TROJ_GEN.R47H1LI TeamViewer package TROJ_GEN.R99H1BP TeaTimer package TROJ_GEN.R29C3G4
Telefonbuch package TROJ_GEN.R99H1LS
TestDisk package TROJ_Gen.CX15U3
Tetrix package TROJ_GEN.R4CH1JR TheBestMovie package TROJ_GEN.R1CH1L9
ThunderBird package TROJ_GEN.R23FFH3 Toppler package TROJ_GEN.R47H1KQ
TorBrowser package TROJ_GEN.R2FFFH3
TorturedSoul package TROJ_GEN.F27B5HG
TraktorRacer package TROJ_GEN.R4CH1LP
TransXP package WORM_SPYBOT.MCS
TubeCatcher package TROJ_GEN.R47H1KF
TuneUpUtilities package TROJ_GEN.RB3H1JR
TVBrowser package TROJ_Generic.DIT TweakPower package TROJ_GEN.USHRH30
TwonkyMedia package TROJ_GEN.R47H1JR
UltimateSudoku package TROJ_GEN.R4CH1K2
UltraMon package TROJ_GEN.F4AB5HF
- 15 - Anti-Virus Comparative - Appendix – February 2011 www.av-comparatives.org
Unreal package TROJ_GEN.USL27AG USBFehlerbehebung package TROJ_GEN.R47H1LG VanDerLee package TROJ_Generic.ADV
VersionBackup package TROJ_GEN.R3EH1JT
Video2MP3 package TROJ_GEN.USBRH26 VirtualKeyboard package TROJ_Gen.GZ30O5
VirtualPiano package TSPY_ONLINEG.MCS
Virweed package TROJ_GEN.R47B1L1
ViSplore package TROJ_Generic.DIT
Visstyler package TROJ_Gen.CZ12D6
VistaIcons package TROJ_GEN.US01JT VLCPortable package TROJ_Generic.DIT VolumeLimiter package TROJ_GEN.USL22HO
WarnDial package TROJ_GEN.R47H1A9
WaveKnife package TROJ_GEN.R21H1B9
WGet package TROJ_Generic.ADV
Win7Box package TROJ_GEN.R10H1B5
Win7PELoader package TROJ_Gen.MZ40M2
WinAmp package TSPY_ONLINEG.MCS WinBar package TROJ_Gen.RZ33C1
WinCon package TROJ_GEN.US013T
WinFlip package TROJ_GEN.R47H1AR
WinHighlight package TROJ_Generic.DIT
WinInstaller package TROJ_GEN.R47H1KI
Wise package TROJ_GEN.RB3H1JR
WiseCrypt package TROJ_GEN.R47H1LB
WISO package TROJ_GEN.R47H1L8 XeroBank package TROJ_GEN.R47FFH3 Xobni package TROJ_GEN.F27B5HG
XPAntiSpy package TROJ_GEN.R99H1A1
XVideo package WORM_AUTORUN.MCS
Zattoo package TROJ_Gen.MZ40K6
Trend Micro had 290 false alarms.
- 16 - Anti-Virus Comparative - Appendix – February 2011 www.av-comparatives.org
Copyright and Disclaimer
This publication is Copyright © 2011 by AV-Comparatives e.V. ®. Any use of the results, etc. in whole or in part, is ONLY permitted after the explicit written agreement of the management board of AV- Comparatives e.V., prior to any publication. AV-Comparatives e.V. and its testers cannot be held liable for any damage or loss, which might occur as result of, or in connection with, the use of the information provided in this paper. We take every possible care to ensure the correctness of the basic data, but a liability for the correctness of the test results cannot be taken by any representative of AV-Comparatives e.V. We do not give any guarantee of the correctness, completeness, or suitability for a specific purpose of any of the information/content provided at any given time. No one else involved in creating, producing or delivering test results shall be liable for any indirect, special or consequential damage, or loss of profits, arising out of, or related to, the use or inability to use, the services provided by the website, test documents or any related data. AV-Comparatives e.V. is a registered Austrian Non-Profit-Organization.
For more information about AV-Comparatives and the testing methodologies, please visit our website.
AV-Comparatives e.V. (March 2011)
- 17 -