#1: If you want to be 100% protected against virusses, unplug the cable which connects your PC with remote PCs and the internet.
I'm sure, nobody wants this. 99,999... % of PC users need this connections.
Now some theory:
There are a couple of AV program supplyers, who all do the same:
They search through files and check for patterns which are known as 'virus stamps' in their database.
Of course, if there are different supplyers, there are also different databases filled with different patterns.
And it is propable that they are more or less successful 'hitting' because the pattern method only looks for some known strings.
Maybe one supplyer does not detect a certain virus, and a different one thinks to have detected a virus, inspite there is none.
That depends on the patterns in the data base.
The responsibility to decide is still yours!
Now we make a test and give a file for test to 40 different suppliers.
Most of them do not detect a virus, but some of them do so.
Please allow me here to give an OT sample:
The propability that I have an accident when crossing a street, is 'A'
The propability to win in a lottery is 'B'
And 'B' is much lower than 'A'.
I cross the street because I do not think that 'A' will become active.
For what reason I should play in the lottery and think that my much less propable 'B' will become active?
(BTW: I really never played in a lottery)
My statement:
If there are less than 33% of supplyers detecting a virus, there is no one (especially if they report different virusses).
If there are more than 66% of supplyers detecting a virus, there is one.
Between them there is a grey zone where the user has to decide.
I'm waiting for comments!
Peter
EDIT: Following Jaclaz's post #2:
If the VirusTotal percentage is below 33%, but increases with a next trial some hours later: Maybe there is really a virus!
If the VirusTotal percentage is above 66%, but decreases with a next trial some hours later: Maybe there is a wrong positive!
Edited by psc, 26 April 2009 - 03:15 PM.
Some more information