Results 1 to 7 of 7

Thread: Interesting link for you folks. (Virus checker related)

  1. #1
    o|-< acrobat's Avatar
    Join Date
    May 2006
    Posts
    1,754
    Thanks
    225
    Thanked
    75 times in 58 posts
    • acrobat's system
      • Motherboard:
      • Gigabyte DS4 965p Revision 2
      • CPU:
      • E6600
      • Memory:
      • Corsair 4gig DDR 800 (C4)
      • Storage:
      • two 320gig Seagate Barracudas, and one 750 gig Seagate Barracuda (7200.10) and a 750gig same brand.
      • Graphics card(s):
      • 8800GTX
      • PSU:
      • Corsair HX 620
      • Case:
      • Akasa Eclipse 62
      • Monitor(s):
      • Apple Cinema Display 20"
      • Internet:
      • Virgin Media - Slow, expensive rip off, Indian customer service. Great choice eh? :C

    Interesting link for you folks. (Virus checker related)

    Hi everyone, my last PC got in a right old mess, so since then, I have learnt a lot about system security. I run a seriously tight ship now, and nothing gets in or out without my knowing (I'm behind a firewall and I use NOD32 as my virus checker, and I have a few spyware checking programs too.)

    You can also use an online virus scan from time to time, for a second opinion, although nothing has ever got past NOD.

    Anyway... I recently found a webpage that I think is a great idea. It lets you upload a file (only 1 at at time though), and it scans the file with about 20! of the most popular virus checkers. So you can't scan your whole computer or anything (do that with this instead), but if you ever get a single file that you really want, but you are suspicious about it, then you can upload it to this webpage, and it will scan the file with 20 of the best virus checkers available today.

    I've used it a couple of times, and when the site isn't too busy, it has scanned the file for me very quickly. I think its a really useful resource and a good idea. Probably not of use to most of you, but if any of you deal with suspicious files sometimes, this place could be a dream come true.

    Heres the link:
    http://virusscan.jotti.org/
    Last edited by acrobat; 06-08-2007 at 07:40 PM.

  2. #2
    Member
    Join Date
    Oct 2006
    Location
    London
    Posts
    195
    Thanks
    4
    Thanked
    19 times in 12 posts
    Yeah, it's a pretty good site. I've used it a couple of times in the past. But it can be a bit confusing at times when you get mixed results, i.e. when one or two AV's report a virus but others say the file's clean. Is this because those AV's have better detection or more up-to-date definitions or are they reporting false positives?

  3. #3
    o|-< acrobat's Avatar
    Join Date
    May 2006
    Posts
    1,754
    Thanks
    225
    Thanked
    75 times in 58 posts
    • acrobat's system
      • Motherboard:
      • Gigabyte DS4 965p Revision 2
      • CPU:
      • E6600
      • Memory:
      • Corsair 4gig DDR 800 (C4)
      • Storage:
      • two 320gig Seagate Barracudas, and one 750 gig Seagate Barracuda (7200.10) and a 750gig same brand.
      • Graphics card(s):
      • 8800GTX
      • PSU:
      • Corsair HX 620
      • Case:
      • Akasa Eclipse 62
      • Monitor(s):
      • Apple Cinema Display 20"
      • Internet:
      • Virgin Media - Slow, expensive rip off, Indian customer service. Great choice eh? :C
    Its hard to know, it could quite easily be either.

    I have read that a lot of virus checkers are seriously crap... to be brutally honest. Norton (Symantek?) anti virus for example, have a terrible reputation amongst.. well... geeks , and its quite a shame because it also seems to be the most commonly used anti virus. Its like a corporate one so maybe its pre-installed on a lot of PC's or something.

    But yes, a lot of them are just not updated regularly enough. I think that might be why this NOD32 does so well in tests (because it gets updated definitions very regularly).

    But also, I have heard a lot of the very respected ones (Like "BitDefender" etc), can often produce "False Positives". Although I think sometimes that isn't always a case of them reporting something incorrectly, but more a case of them finding something unusual, and just reporting it. And the report may make it seem like a virus but its not. I think you can sometimes google the report and read what it says. I can't remember, but I think I might have done that before with a BetDefender warning, and it actually said it was unusual but not definitely a virus. But I'm not sure about all that anyway.

    Its definitely useful though when that doesnt happen. I think if I ever got something with a positive (even if it was a false positive) I would probably just delete it, unless I was absolutely desperate for it. But its been useful to me a few times anyway. I once got sent a .exe from someone as an email attachment. I trusted them, but a .exe is just so suspicious... so I checked that and it came back negative with everyone single test, so I knew it was safe. The peace of mind is nice




    P.S. I remember I was once installing something like Nero or something, and my NOD32 came up with a warning. The software I was installing, was asking if I wanted to install the "Ask Toolbar / Searchbar", and NOD32 popped up a warning that it was spyware or something. Which I suppose could be interpreted as a false positive, becuase its an anti-virus program popping up a warning for something that isn't actually a virus... but in reality, those toolbars often include all kinds of dodgy crap, including stuff that "spies" on what you do/type. So I am glad it gave a warning

    *pats NOD on the head*

    Not that I would allow a toolbar to get installed anyway.. I dont even allow the google toolbar. If I want to search something, I just go to google.com. All those themes and toolbars and stuff like that, are all good for nuthin' bits of rubbish that slow people's computers down.
    Last edited by acrobat; 06-08-2007 at 08:10 PM.

  4. #4
    Senior Member
    Join Date
    May 2007
    Location
    West Wales
    Posts
    484
    Thanks
    30
    Thanked
    18 times in 16 posts
    • Phil_P's system
      • Motherboard:
      • Gigabyte P35-DS4
      • CPU:
      • Q6600 G0
      • Memory:
      • 4x1GB Crucial
      • Storage:
      • 2 x WD 1TB in RAID1
      • Graphics card(s):
      • Gigabyte 7600GS
      • PSU:
      • Etasis 750W
      • Operating System:
      • RHEL5/RHEL6
      • Monitor(s):
      • Samsung 226BW 22" panel
      • Internet:
      • F2S 8mbit
    Quote Originally Posted by silentvoice View Post
    Yeah, it's a pretty good site. I've used it a couple of times in the past. But it can be a bit confusing at times when you get mixed results, i.e. when one or two AV's report a virus but others say the file's clean. Is this because those AV's have better detection or more up-to-date definitions or are they reporting false positives?
    For the most part, if 2 or 3 products are reporting a file as suspicious, I'd treat it accordingly. I work in malware research and I see literally dozens of samples each day that are not initially detected by the vast majority of AV vendors. The AVs are not reporting the file as "clean", but rather just that it didn't detect anything - there's a BIG difference! If you're still in doubt over the integrity of a file, I'd submit it to your AV vendor and see what they have to say once they've analyzed it.

    And here's another excellent similar site - Virus Total:

    http://www.virustotal.com/

    Enjoy

  5. #5
    Gentoo Ricer
    Join Date
    Jan 2005
    Location
    Galway
    Posts
    10,945
    Thanks
    985
    Thanked
    936 times in 697 posts
    • aidanjt's system
      • Motherboard:
      • Asus Strix Z370-G
      • CPU:
      • Intel i7-8700K
      • Memory:
      • 2x8GB Corsiar LPX 3000C15
      • Storage:
      • 500GB Samsung 960 EVO
      • Graphics card(s):
      • EVGA GTX 970 SC ACX 2.0
      • PSU:
      • EVGA G3 750W
      • Case:
      • Fractal Design Define C Mini
      • Operating System:
      • Windows 10 Pro
      • Monitor(s):
      • Asus MG279Q
      • Internet:
      • 240mbps Virgin Cable
    NOD32 and Sophois are the two best scanners when it comes to reliability (balance between positive and negative hits). All the rest are usually a steaming pile of doggy do do.
    Quote Originally Posted by Agent View Post
    ...every time Creative bring out a new card range their advertising makes it sound like they have discovered a way to insert a thousand Chuck Norris super dwarfs in your ears...

  6. #6
    Member
    Join Date
    Oct 2006
    Location
    London
    Posts
    195
    Thanks
    4
    Thanked
    19 times in 12 posts
    Quote Originally Posted by acrobat
    .
    I'm glad you're happy with NOD32. It's a product I've wanted to use but it's priced a bit high for just an AV and I'd have to find a firewall to complement it – which means more money. I remember reading a while back that Eset were introducing a Security Suite but I don't know whether that's been released yet and more importantly how it fairs as a firewall. One strong aspect of NOD32 in the past has been it's heuristics but it doesn't come out on top when using actual definitions. I've had F-secure in the past (uses several detection engines including Kaspersky's as well as Lavasoft's ad-aware component for spy-ware) but it was quite resource hungry. On start-up / shut-down it was particularly noticeable but overall it was a great product which was easy to use, flexible and did what it had too. For the past few months I've been using Kaspersky. It's less resource hungry but one thing I didn't like was by default it uses iswift / ichecker to 'attach tags' to your files to help decrease scanning time. So if the file remains unchanged, it won't rescan it (in theory). The firewall side of things needs a bit more training / setup than F-Secure's did as well - but only initially. It's been years since I've used Norton's security product - the last one was back in 2003. They were actually quite good then and ran well but Norton seems to have lost it way – not to say that’s it particularly bad at detection rate.

    Also, in the past Norton's products would only automatically update once a week - compared to products from Kaspersky, F-Secure etc. which updated several times a day! If you wanted to update more frequently you'd have to do so manually. I don't know if this has changed though.

    A useful (and reliable) site I look at from time to time for Anti-Virus performance is here: http://www.av-comparatives.org/. They carry out On-demand and Retrospective tests and is certainly interesting reading. You’ll need to click on Comparatives (left hand side) and then review the results for a specific date (February and May being the latest). August results will be due soon.


    Quote Originally Posted by Phil_P
    For the most part, if 2 or 3 products are reporting a file as suspicious, I'd treat it accordingly. I work in malware research and I see literally dozens of samples each day that are not initially detected by the vast majority of AV vendors. The AVs are not reporting the file as "clean", but rather just that it didn't detect anything - there's a BIG difference! If you're still in doubt over the integrity of a file, I'd submit it to your AV vendor and see what they have to say once they've analyzed it.
    Yeah, true. Better to be safe than sorry but some AV's do have a habit of reporting false postives.

    And thanks for the link. I haven't come across this site before.

  7. #7
    Get to da choppa Million's Avatar
    Join Date
    Oct 2005
    Location
    Cardiff
    Posts
    1,040
    Thanks
    72
    Thanked
    17 times in 16 posts
    • Million's system
      • Motherboard:
      • Asus P5G41T-M LX2/GB/SI LGA775 mATX
      • CPU:
      • Core2 Quad Q6600
      • Memory:
      • 6Gb Corsair DDR3
      • Storage:
      • 256Gb OCZ Octane SSD, 3Tb Seagate HDD, 250Gb Samsung HDD
      • Graphics card(s):
      • HD4850 1Gb
      • PSU:
      • xClio 700w
      • Case:
      • Fractal Design Arc Mini (watercooled)
      • Operating System:
      • Windows 7
      • Monitor(s):
      • LG 36" LED TV
      • Internet:
      • Virgin 60mb cable
    Heh, useful when you've got a zip file from a torrent share site fo sho

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •