Discussion in 'other anti-virus software' started by Blutarsky, Nov 19, 2006.
What do you think?
Personally I find virustotal to be reliable, I've noticed once or twice before it doesn't detect things that the product does but generally it's good.
I've found Jotti's quite frequently shows samples as undetected when they are actually detected by that product, jotti's runs on linux so this may be the reason.
I prefer VirusTotal over Jotti's, for the same reason stated above.
Me , too
Both jotti and virustotal are reliable for what they purport to do:
Jotti says on its webpage at: http://viruscan.jotti.org:
Scanners used are Linux versions, differences with Windows scanners may or may not occur.
whereas, it looks obvious that Virustotal uses Windows scanners from their webpage at: http://www.virustotal.com/en/indexf.html even though they do not state that they do.
Therefore, if you use Linux/Unix OS use jotti, else if you use Windows use virustotal, or you can use both if you prefer.
The problem is not that Jotti is unreliable - the scan linux engines of those antivirus program don't have the same capabilities as the win32 versions.
I´m interested in this
Do you mean heuristics for example?
I normally use VirusTotal.
Both the Linux and Windows scan engines have approximately the same capabilities, however, they are loaded to scan for different malware patterns depending on what infection is current for either focus of the scans - Windows vs Linux.
Anyway they should be constantly updated, right?
If you have a suspicious file and want to go beyond your installed AV you should trust those sources..... or not?
To my best knowledge, problems with Jotti's scanner stem from memory exhaustion. Sometimes you receive a correct result if you send the very same file twice.
When I was testing 0-day viruses, all scanners got them by heuristic, so I see no difference.
I hear for the first time about virus.org and scanned now the eicar test:
Could that be the site-scanner or panda and ikarus ??
I usually scan with Virustotal, but when I'm in a hurry I use jotti, which is a lot faster.
Later Edit: I've scanned the eicar test again with virustotal and their pand and ikarus are detecting the file correctly.
i saw no problems on any AV with eicar, when going through virustotal ... maybe the one you tried it on is poor.
AntiVir 184.108.40.206 11.20.2006 Eicar-Test-Signature
Authentium 4.93.8 11.17.2006 EICAR_Test_File
Avast 4.7.892.0 11.20.2006 EICAR Test-NOT virus!!
AVG 386 11.20.2006 EICAR_Test
BitDefender 7.2 11.20.2006 EICAR-Test-File (not a virus)
CAT-QuickHeal 8.00 11.20.2006 EICAR Test File
ClamAV devel-20060426 11.20.2006 Eicar-Test-Signature
DrWeb 4.33 11.20.2006 EICAR Test File (NOT a Virus!)
eSafe 220.127.116.11 11.20.2006 EICAR Test File
eTrust-InoculateIT 23.73.59 11.18.2006 EICAR_test_file
eTrust-Vet 30.3.3203 11.20.2006 the EICAR test string
Ewido 4.0 11.20.2006 Not-A-Virus.Test.Eicar
Fortinet 18.104.22.168 11.20.2006 EICAR_TEST_FILE
F-Prot 3.16f 11.17.2006 EICAR_Test_File
F-Prot4 22.214.171.124 11.17.2006 EICAR_Test_File
Ikarus 0.2.65.0 11.20.2006 EICAR-ANTIVIRUS-TESTFILE
Kaspersky 126.96.36.199 11.20.2006 EICAR-Test-File
McAfee 4900 11.20.2006 EICAR test file
Microsoft 1.1609 11.20.2006 EICAR_Test_File
NOD32v2 1873 11.20.2006 Eicar test file
Norman 5.80.02 11.20.2006 EICAR_Test_file_not_a_virus!
Panda 188.8.131.52 11.20.2006 EICAR-AV-TEST-FILE
Prevx1 V2 11.20.2006 EICAR-Test-File
Sophos 4.11.0 11.16.2006 EICAR-AV-Test
TheHacker 184.108.40.206 11.18.2006 EICAR_Test_File
UNA 1.83 11.20.2006 EICAR.Test-file
VBA32 3.11.1 11.20.2006 EICAR-Test-File
VirusBuster 4.3.15:9 11.20.2006 EICAR_test_file
Obviously , it is not Panda and IKarus
Separate names with a comma.