Jump to content
CCleaner Community Forums
Sign in to follow this  
Fluffy

Virus Total

Recommended Posts

Hi Folks

Don`t know if anyone has used this website before,or if it may be a good tool to use in the war on malware !

recommended by a BBC tv programme

 

http://www.virustotal.com/

 

Fluff

ps piriform come up clean ! :lol:

 

Avira Clean site

BitDefender Clean site

Dr.Web Clean site

G-Data Clean site

Malc0de Database Clean site

MalwareDomainList Clean site

Opera Clean site

ParetoLogic Clean site

Phishtank Clean site

TrendMicro Clean site

Websense ThreatSeeker Clean site

Wepawet Unrated site

Share this post


Link to post
Share on other sites

Virus Total is about as useful as a ouija board or poo generator. :lol:

 

Because VT uses heuristic scanning the results can be misleading and full of false positives.

To expose the lameness of this technique I packed Control Panel from Windows XP and uploaded it to Virus Total.

The results were as follows: Virus.Win32.Virut.q!IK, Suspicious File, Virus.Win32.Virut.q and Win32.Malware.gen#UPX (suspicious).

I know for a fact there's nothing wrong with this executable but sadly other people might take their results the wrong way.

If I recall correctly Piriform had some malware accusations in the past thanks to Virus Total including the author of "Unlocker" who got his website banned thanks to crappy heuristic scan results.

 

The bottom line with Virus Total is it can be useful but don't take the results at face value because it's not reliable enough.

If you get many hits then you should consider your sample as viral, however with 2 or 3 hits you should treat it with caution.

 

Richard S.

Share this post


Link to post
Share on other sites

Virus total can be really useful when used in conjunction with other things.

 

It is usually used to scan one file that may be puzzling a malware fighter for instance, he can check if anyone else is flagging it as a nasty.

 

If you look for instance at the Malwarebytes forum in the Malware Hunters area, each suspect file is uploaded and checked before definitions are put out to detect it. Have a browse through.

 

http://forums.malwarebytes.org/index.php?showforum=30

 

It is another tool in the armory Fluffy :)

Share this post


Link to post
Share on other sites

If you get many hits then you should consider your sample as viral, however with 2 or 3 hits you should treat it with caution.

That's exactly how I determine the final results. Too many times only 2 or 3 hits is nothing more than a false positive and too often it's the same offending antivirus engines doing it.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×
×
  • Create New...