System Tools

On-line Scan of suspicious files or URLs

Your computer is normally equipped with an antivirus software to protect it form viruses and others malware.
However, you always should remain careful and avoid as much as possible to expose your computer to any danger that may infect it.

There is always a risk of infection


The majority of malware are located in downloaded files or on classic web pages. Even if most anti-viruses now integrate a Web protection, you should not rely to them in 100%.
 
You should be extra cautious if you need to download free tools or source codes ! Here are some example :
- You have to download a files but the website seems suspicious. You may hesitate and be worried that your antivirus software may not block a potential infection.
- Your web browser indicates you that an URL is suspicious, but you really want to know what's behind.
- You have retrieved a ZIP file, but your antivirus software tells you it may be infected. Is that a false positive ?

The solution : VirusTotal


There is an on-line tool that is very useful : Virus Total !
This application allows you to submit any file or URL to perform a comparative analysis with about forty antivirus engines.
virustotal
Thus, you'll be able to determine :
- If an URL or a website is dangerous or is hosting malicious code or script.
- If a file on Internet is containing any malware. 
 

Example : False positive


Your antivirus software is AVAST, well-known and reliable application.
You have just downloaded phpFileManager on SourceForge.net and AVAST rise an alert about a Trojan inside this ZIP file : PHP:Agent-BV [Trj]
Is this fiel really infeced ? Does the original source code being modified with a malware ?
By submitting this file to VirusTotal, on 42 analysis engines you'll get only 6 alerts raised. Among those 6 alerts, 3 indicates that it's a network tool and may not be considered as a virus. 
Therefore, among 42 analysis reports only 3 are containing an alert. In that code, there is effectively a potential risk because the script allows to make modifications on a remote host. (Indeed that's the initial goal of this script).
That's definitively a false positive !
       

In brief


VirusTotal offers you two methods :

You have no rights to post comments

Select your language :

Newsletter

Contact