Analyzing Suspicious Files For Viruses And Other Malware

Date February 29, 2008

Today I want to tell you about one of the coolest web sites you’ll ever come across! Okay, that may be a bit of an exaggeration but you get my point. ;) Did you ever receive an attachment from a friend or family member and just *hoped* it wasn’t infected with a virus or carrying a trojan with it? Yeah. Me too. I have one particular family member who for some unknown reason likes to e-mail me videos as WMV attachments! And with all the vulnerabilities present within Windows Media Player, sometimes I’m a little scared to open these videos! Sure, they are run through my antivirus program before executing, but how do I know my antivirus vendor can detect whatever malware may be present within the file? In situations like these, wouldn’t it be nice to run my little WMV through a *number* of vendors’ antivirus scanning engines?

Yeah, it would…

Enter VirusTotal. VirusTotal basically allows you to scan any file on your hard drive using *many* different antivirus vendors’ scanning engines. It’s an on-demand service that couldn’t be simpler to use. You go to the website, upload your file using the form there, and then your file is entered into the queue to be scanned. Typically the queue is quite short, most of the time 5 minutes or less. Once your file is up to be scanned, the website will scan it with no less than 32 different scanning engines! These engines include all the major ones you’ve heard of (McAfee, Symantec, Sophos), plus a number you probably haven’t (Prevx, Softwin, Norman).

One final word…while VirusTotal truly is a great tool (and free to use), it doesn’t obliterate the need for an antivirus program installed locally on your workstation…hopefully that goes without saying, but in case not….well there you go! ;)

Incidentally, if anyone knows of any other web sites that allow on-demand malware analysis, please let me know in the Comments below…
