
SysInternals Autoruns introduces VirusTotal integration



#1 eq2675


Posted 26 February 2015 - 06:39 PM

I'm late to the party, but not by much. Version 13 of Sysinternals' Autoruns program now has the ability to submit startup files to VirusTotal.

 

Imagine being able to scan the most probable infected files on a PC against 57 or more antivirus programs in just a few minutes. I've cured a few systems in the last week with this setup.

 

 




 


#2 Aura


Posted 26 February 2015 - 06:42 PM

There's still a lot of FP on VirusTotal. When you upload a file to VirusTotal, you match it against all the FP in the databases of the Antiviruses it uses, so I would still be extremely careful when relying on that method.

Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#3 quietman7


Posted 26 February 2015 - 06:51 PM

A lot of investigative tools have been doing this.

Process Hacker, System Explorer, Process Explorer and AnVir Task Manager Free allow you to right-click on a process and submit it to Jotti's virusscan, VirusTotal, or Comodo for analysis.

Right-clicking on a process in Process Hacker or System Explorer allows you to send it (File Check) to Jotti's virusscan or VirusTotal. Process Hacker also allows sending it to Comodo.

Right-clicking on a process in Process Explorer or AnVir Task Manager Free allows you to send it to VirusTotal.

If you are using Firefox, you can use the VTzilla Add-on to check (analyze) a file for malware at VirusTotal before downloading and saving it to your computer.

When using such tools, I generally recommend getting more than one opinion...
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

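The following is an added example, not part of the thread or of any Sysinternals tooling: a small triage pass over an Autoruns-style CSV export that treats a low detection count as a possible false positive needing a second opinion rather than as a verdict. The column names, the `hits|engines` ratio format, the `(Verified)` signer prefix, the threshold and all sample rows are assumptions constructed for illustration.

```python
import csv
import io
import re

# Constructed sample in the shape of an Autoruns CSV export; the column names
# and the "hits|engines" ratio format are assumptions, adjust to your export.
SAMPLE_CSV = """Entry,Signer,Image Path,VT detection
OneDrive,(Verified) Microsoft Corporation,c:\\users\\a\\onedrive.exe,0|57
PrinterHelper,(Verified) Example Vendor Inc,c:\\program files\\ph\\ph.exe,1|57
updater,(Not verified),c:\\users\\a\\appdata\\roaming\\upd.exe,2|57
svch0st,(Not verified),c:\\programdata\\svch0st.exe,31|57
newtool,(Not verified),c:\\tools\\newtool.exe,Unknown
"""

RATIO = re.compile(r"^\s*(\d+)\s*[|/]\s*(\d+)\s*$")
HIGH_HITS = 5  # assumed threshold for "many engines agree"; tune locally


def triage(row):
    """Return a triage bucket for one autorun entry."""
    signed = row.get("Signer", "").startswith("(Verified)")
    m = RATIO.match(row.get("VT detection", ""))
    if m is None:
        # No verdict at all (file unknown to the service) is not a clean result.
        return "no-verdict"
    hits = int(m.group(1))
    if hits == 0:
        return "clean" if signed else "clean-unsigned"
    if hits >= HIGH_HITS:
        return "investigate"
    # A handful of hits may be a false positive: get another opinion first.
    return "likely-fp-verify" if signed else "second-opinion"


def triage_csv(text):
    """Map each entry name in the CSV text to its triage bucket."""
    reader = csv.DictReader(io.StringIO(text))
    return {row["Entry"]: triage(row) for row in reader}


if __name__ == "__main__":
    for entry, bucket in triage_csv(SAMPLE_CSV).items():
        print(f"{bucket:18} {entry}")
```
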



