VirusTotal — a free service that analyze suspicious files and links to identify viruses, worms, Trojans and various malware. The results of the file scanning service does not depend on any one manufacturer of antivirus software. In VirusTotal uses several dozen anti-virus systems, which will allow to draw more reliable conclusions about the dangers of file.
It is clear that the majority of virus writers are interested in that their a virus as long as possible “live” users. The more time malware is on the computer, the more money you potentially can earn. The main threat to them — antivirus. The vast majority of cases, to protect harm from evil signature/heuristic detect antivirus virus writers use cryptory. Market scriptorem quite extensive, and there are many proposals because cryptory demand.
After the file is “covered” by the Cryptor virus makers test his anti-virus software (otherwise you can produce something that will have to detectas). Everyone knows that there are services that allow you to scan files from a bunch of AV engines. For example, VirusTotal or Jotti Virscan.
VirusTotal
Jotti Virscan
Everything is convenient — many CMS, a slight “brake”, etc. But for those who are going to release the next version, for example, a blocker, these services have a small disadvantage: these companies are in some cases send the scanned file in the AV office.
Virscan from Jotti: the file Sent to us can be sent to antivirus companies so that they could improve on the detection of their products. Read more about this in our privacy policy. If you don’t want your files transferred to third parties, do not send them at all
From the VirusTotal FAQ: “Instead of your engine you will receive all files submitted to VirusTotal that are not detected by your product, but are detected at least one other vendor + report”
It is logical to assume that mavromichali this should not rejoice, as their files will be sent to the AV company for analysis, and, accordingly, this will reduce the time that sampl unnoticed. That is why they use the services of companies that provide a service similar to VirusTotal, but at the same time ensuring anonymity. (so at least it is written on sites with scanners, but we can not know for sure)
For example, there is such a service:
On one of the forums I found a list of what else can this office:
“Available:
— scheduled alerts via email to jabber
— auto-registration and auto-refill the account via Webmoney
On our AV-checker are the current versions of antivirus and their latest updates.” Comfortable enough to e-mail or in another place a notification that some vendor thedetected the next build. Two other offices that provide services to anonymous file scanning.
Of course, there are many more, but it is worth noting that all of these services very quickly satisfy the needs of their customers. Also, there is a support, an API for working with the service, GUI client, etc. This suggests that the market there is competition and struggle for the client.
However, all such services there is a significant disadvantage — they scan only a separate file or a separate domain. It’s not exactly the most popular schemes of infection. All modern antivirus programs present tiered protection. So often to check the file itself may not be reached. In the case of circuits of drive-by attacks antivirus can block one of the domains through which the redirect virus evil iframe or script or an exploit. But if malware got on the computer and start, there already is a sandbox or proactive protection, which in the execution phase analyzes the behavior of the program. In those services I saw, there was no information about the test detectivenet proactive protection — it is understandable — it is difficult to implement. Don’t forget about the cloud, which can block the file by its reputation. So, despite all the efforts of the attackers, many real situations will not play, which makes the test a single object signature/heuristic scanner simply inadequate.
ORIGINAL PAGE – https://vk.com/@rucorenet-virustotal-i-ego-analogi-kak-palyat-virusy
WARNING! All links in the articles may lead to malicious sites or contain viruses. Follow them at your own risk. Those who purposely visit the article know what they are doing. Do not click on everything thoughtlessly.
55 Views
All information posted has been taken from public sources and is provided for information purposes only and does not constitute an invitation to action. It was created only for educational and entertainment purposes. All information is intended to protect readers from illegal actions. The visitor undertakes all possible losses caused. The author does all actions only on his own equipment and in his own network. Do not repeat anything read in real life. | Also, if you are the rightholder of the material posted on the pages of the portal, please write to us through contact form complaint about the removal of a particular page, as well as read instruction for rightholders of materials. Thank you for understanding.
00vote
Article Rating
Subscribe
Connect with
I allow to create an account
When you login first time using a Social Login button, we collect your account public profile information shared by Social Login provider, based on your privacy settings. We also get your email address to automatically create an account for you in our website. Once your account is created, you'll be logged-in to this account.
DisagreeAgree
Connect with
I allow to create an account
When you login first time using a Social Login button, we collect your account public profile information shared by Social Login provider, based on your privacy settings. We also get your email address to automatically create an account for you in our website. Once your account is created, you'll be logged-in to this account.
We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.Ok