Wednesday, September 17, 2008

Perfect Virus Scanner

Last time I ended one of my posts with a question: “Can we trust an antivirus?” I found a good example that can help me find an answer: virusscan.jotti.org.


What is so special about virusscan.jotti.org?

Jotti is an online virus scanner powered by nineteen virus scanners, and it shows the result from each one. So if you scan a file through Jotti, nineteen individual virus scanners will scan the file for viruses.

We cannot blame any of the antivirus software, because each one is based on its own logic for identifying viruses. There are good points and bad points. Jotti’s logic is simple: use as many recognized virus scanners as possible.

Virus scanners used by Jotti

A-Squared

AntiVir

ArcaVir

Avast

AVG Antivirus

BitDefender

ClamAV

CPsecure

Dr.Web

F-Prot Antivirus

F-Secure Anti-Virus

Ikarus

Kaspersky Anti-Virus

NOD32

Norman Virus Control

Panda Antivirus

Sophos Antivirus

VirusBuster

VBA32


You can see the last positive scan result below.


Scanner                 Malware name
A-Squared               MalwareScope.Trojan-PWS.Pinch.1
AntiVir                 SPR/Agent.Z.1
ArcaVir                 Riskware.Hacktool.Agent.Z
Avast                   Win32:Agent-KIW
AVG Antivirus           HackTool.BND
BitDefender             Trojan.Hacktool.Agent.Z
ClamAV                  X
CPsecure                HackTool.W32.Agent.z
Dr.Web                  X
F-Prot Antivirus        W32/EmailWorm.GWV
F-Secure Anti-Virus     HackTool.Win32.Agent.z
Ikarus                  MalwareScope.Trojan-PWS.Pinch.1
Kaspersky Anti-Virus    HackTool.Win32.Agent.z
NOD32                   probably a variant of Win32/Hacktool.Agent
Norman Virus Control    X
Panda Antivirus         Trj/Downloader.MDW
Sophos Antivirus        X
VirusBuster             I-Worm.Agent.BNDW
VBA32                   X


If you look closely at this example, you can see that different viruses were found by different virus scanners. Maybe they identified the same virus under different names. Some scanners failed to detect any virus at all.
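The result above can be tallied to make the disagreement concrete. The Python below is an added example, not part of the original post: it counts detections and misses and checks how many scanners share a name token. The NOISE word list, the token-length cutoff, and reading "X" as "no detection" are assumptions.

```python
import re
from collections import Counter

# Scan result copied from the table in this post; "X" is read as "nothing found" (assumption).
RESULTS = {
    "A-Squared": "MalwareScope.Trojan-PWS.Pinch.1",
    "AntiVir": "SPR/Agent.Z.1",
    "ArcaVir": "Riskware.Hacktool.Agent.Z",
    "Avast": "Win32:Agent-KIW",
    "AVG Antivirus": "HackTool.BND",
    "BitDefender": "Trojan.Hacktool.Agent.Z",
    "ClamAV": "X",
    "CPsecure": "HackTool.W32.Agent.z",
    "Dr.Web": "X",
    "F-Prot Antivirus": "W32/EmailWorm.GWV",
    "F-Secure Anti-Virus": "HackTool.Win32.Agent.z",
    "Ikarus": "MalwareScope.Trojan-PWS.Pinch.1",
    "Kaspersky Anti-Virus": "HackTool.Win32.Agent.z",
    "NOD32": "probably a variant of Win32/Hacktool.Agent",
    "Norman Virus Control": "X",
    "Panda Antivirus": "Trj/Downloader.MDW",
    "Sophos Antivirus": "X",
    "VirusBuster": "I-Worm.Agent.BNDW",
    "VBA32": "X",
}

# Platform tags and filler words that say nothing about the malware itself (assumed list).
NOISE = {"win32", "probably", "variant"}

def tokens(label):
    """Lowercase name tokens, minus noise and short variant suffixes such as 'z' or 'kiw'."""
    parts = re.split(r"[^a-z0-9]+", label.lower())
    return {p for p in parts if len(p) > 3 and p not in NOISE}

def summarize(results):
    hits = {s: n for s, n in results.items() if n != "X"}
    votes = Counter(t for name in hits.values() for t in tokens(name))
    return {
        "detected": len(hits),
        "missed": sorted(set(results) - set(hits)),
        "distinct_labels": len(set(hits.values())),
        "token_votes": votes.most_common(3),
    }

if __name__ == "__main__":
    s = summarize(RESULTS)
    print(f"{s['detected']}/{len(RESULTS)} flagged the file; missed by: {', '.join(s['missed'])}")
    print(f"{s['distinct_labels']} distinct labels; most shared tokens: {s['token_votes']}")
```

A shared token only shows that scanners use similar wording; it does not prove they matched the same sample characteristics.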

The limitation I see in Jotti is that you can scan only one file at a time. You will not be able to download each and every virus scanner onto your machine.

The conclusion is that we cannot trust a single virus scanner. It might say the file is clean, but the file might be infected.
