False Malware Positive? Or Not? How Do You Decide?

You’ve run your primary anti-malware application, and up pops a notice advising you that you have an infection. But since you’re an aware computer user, you launch both your secondary malware scanners in sequence and – surprise! According to your secondary scanners you are not infected.

But you’re aware that anti-malware programs that rely on a definition database to identify malware files can often be behind the curve in recognizing the newest threats.

So, decision time. Do you then trust your primary anti-malware application and attempt removal, or instead, do you trust the results produced by your secondary scanners, and leave well enough alone?

In reality, you’re not really limited to just these two choices. There is another option open to you.

If you’re worried about a specific file, here’s an interesting twist on free online scanners: you can have any specific computer file (files are restricted to a maximum of 10 megabytes) scanned for nasties by thirty-five plus diverse online scanners, all in one go, through VirusTotal.

To take advantage of this service, simply upload a file that you’re uncertain of to VirusTotal or, as an alternative, submit your suspicious file to VirusTotal by email. What could be simpler?


The following graphics indicate just how efficient this free service is.

Received Files/Infected Files (Last 24 Hours) May 28, 2010:

This image shows the number of files that have been detected as infected (red) among the total number of files received within the last 24 hours (clean ones marked in blue).


Top 10 Infected Files (Last 24 Hours), May 28, 2010:

This image shows the list of the most-uploaded infected files received within the last 24 hours.


Quick facts:

Free, independent service

Use of multiple antivirus engines

Real-time automatic updates of virus signatures

Detailed results from each antivirus engine

Real time global statistics

Keep in mind, this service is not a substitute for an appropriate local defense system, including a firewall (either software or hardware), and a sound and effective anti-malware application.
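One way to read the detailed per-engine results when scanners disagree, as an added example that is not from the original article or from VirusTotal. The engine names, detection labels, marker substrings and ratio thresholds are all assumptions chosen for illustration:

```python
# Substrings treated as marking a non-specific label (an assumption).
GENERIC_MARKERS = ("heur", "generic", "suspicious", "packed")


def make_results(total, hits):
    """Build constructed sample data: `total` engines, `hits` maps engine -> label."""
    results = {f"Engine{i:02d}": None for i in range(1, total + 1)}
    results.update(hits)
    return results


def summarize(results):
    """Count detections and how many of them carry a specific (non-generic) label."""
    if not results:
        raise ValueError("no engine results to summarize")
    hits = {eng: lbl for eng, lbl in results.items() if lbl}
    specific = [lbl for lbl in hits.values()
                if not any(m in lbl.lower() for m in GENERIC_MARKERS)]
    return {"engines": len(results), "detections": len(hits),
            "ratio": len(hits) / len(results), "specific": len(specific)}


def triage(results, fp_ratio=0.10, infected_ratio=0.30):
    """Map a per-engine report to a coarse verdict; thresholds are illustrative."""
    s = summarize(results)
    if s["detections"] == 0:
        return "no-detections"
    if s["ratio"] >= infected_ratio and s["specific"] > 0:
        return "probable-infection"
    if s["ratio"] <= fp_ratio and s["specific"] == 0:
        return "probable-false-positive"
    # Few engines but a specific family name: this may be a new threat that
    # definition databases have not caught up with yet, so do not dismiss it.
    return "inconclusive"


# Constructed samples (engine names and labels are invented).
LONE_HEURISTIC = make_results(35, {"Engine01": "Heur.Suspicious.Packed"})
LONE_SPECIFIC = make_results(35, {"Engine01": "Trojan.ExampleFamily.A"})
WIDESPREAD = make_results(
    35, {f"Engine{i:02d}": "Trojan.ExampleFamily.A" for i in range(1, 15)})

if __name__ == "__main__":
    for name, sample in [("lone heuristic", LONE_HEURISTIC),
                         ("lone specific", LONE_SPECIFIC),
                         ("widespread", WIDESPREAD)]:
        print(name, summarize(sample), triage(sample))
```

An "inconclusive" or "no-detections" result is a reason to rescan later or look closer, not proof that the file is safe.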

Upload your suspicious file/s to: Virus Total


15 responses to “False Malware Positive? Or Not? How Do You Decide?”

  1. I use Virus Total and it works really well, I also think HiJack This is very useful.

    • Bill Mullins

      Hey Mark,

      HiJack is an absolute necessity – wouldn’t be without it.

      Have a terrific holiday weekend.

      Best,

      Bill

  2. Mal

    Hey Bill,

    A good reminder to never rely on just one program.

    Cheers

    • Bill Mullins

      Hey Mal,

      Using one application only can lead to one acting on misinformation, for sure.

      Best,

      Bill

  3. Georg Lechner

    …and what if the file in question contains confidential information? For all the tea in China I would not distribute it unencrypted and via Internet to 35+ unknown parties.

    Regards,

    Georg

    • Bill Mullins

      Hi George,

      I agree – but the intent of the article was not to suggest abandoning common sense.

      Best,

      Bill

  4. Liam O' Moulain

    Bill,

    Great article as usual.

    BTW, I re-looked and couldn’t see where you suggested sending confidential files in the clear.

    Liam

  5. Bill,
    Good article on Virus Total and I agree it’s a great tool. A secondary benefit of sorts is that you get to see how many of the mainstream AV vendors test negative when a virus is present. It will really surprise you.
    Best,
    Paul

    • Bill Mullins

      Hey Paul,

      Yes, I agree “you get to see how many of the mainstream AV vendors test negative when a virus is present”. As you say, the results can be surprising.

      Thanks for dropping by.

      Best,

      Bill

  6. Adrian

    The program AnVir Task Manager free edition has a feature that allows you to scan running processes directly through VirusTotal in its interface. I regularly use this function to check my new installations.

  7. Ranjan

    Hi Bill,
    Nice reminder about online scanners… So bad HJT isn’t fully compatible with se7en x64..
    Btw, heard about the new phishing concept- Tabnagging…?
    http://krebsonsecurity.com/2010/05/devious-new-phishing-tactic-targets-tabs/
    However, the new version of NoScript is resistant to this attack. One more reason as why to have latest versions of programs… 😛

    • Bill Mullins

      Hey Ranjan,

      Yes, HJT needs to get up to speed with a x64 edition.

      I covered the so called “tabnapping” issue a few days ago – another tempest in a teapot, in my view.

      Bill
