All about infected files

[polonus]

There is no difference malware is malware played, see also: http://www.techrepublic.com/blog/it-security/dropsmack-using-dropbox-to-steal-files-and-deliver-malware/
The cloud should not be inherently safer for your example.
Anyways a pre-scan is your best bet.

polonus

[ehmen]

How do you submit a file on Google Drive to virustotal.com? You submit the URL after you click on said file (which will make VR scan just that video but not the general website it's on)?

[bob3160]

How do you submit a file on Google Drive to virustotal.com? You submit the URL after you click on said file (which will make VR scan just that video but not the general website it's on)?

First you need to make sure that the link to that file is sharable.
If only you have access, then it can't be scanned by virustotal or any one else.

[Pondus]

or you download and save the file on your computer (dont run it) then upload to Virustotal or Metascan

[polonus]

Or even more secure never even download just download to be pre-scanned by Meta-scan extension in a browser running sandboxie and then choose to do not restore the file. The scan results will give you an indication of what is there.

polonus
P.S. The scan extension resides here: you should give the link to metascan for chrome
https://chrome.google.com/webstore/detail/metascan-online-for-chrom/fjampemfhdfmangifafmianhokmpjbcj


there is also a VT uploader
https://www.virustotal.com/nb/documentation/desktop-applications/virustotal-uploader

Thanks to pondus for reminding me...

Damian

[ehmen]

Is submitting the link to VR after making it sharable just as effective as downloading and then uploading to VR?

[Pondus]

Is submitting the link to VR after making it sharable just as effective as downloading and then uploading to VR?

depends what you mean by effective? ... if the file is scanned, it is scanned

[ehmen]

depends what you mean by effective? ... if the file is scanned, it is scanned

Than it's just as effective as downloading and uploading. So I'll just submit the URL once it's sharable.

[ehmen]

How do you submit a file on Google Drive to virustotal.com?...

First you need to make sure that the link to that file is sharable.
If only you have access, then it can't be scanned by virustotal or any one else.

tried it, didn't work.
First I scanned a Ccleaner installer and it was flagged by ESET-online.
(https://www.virustotal.com/en/file/b5de4b21e2abc79b4d7cfefc16c0b092f84d37e08c9fb5cd03aa616bcbeee87e/analysis/1430789605/)
And then I uploaded it to Google Drive as a test, and scanned the URL (after allowing anyone with the link to access), and it came up squeaky clean.

[ehmen]

Apparently it VR scans the cloud website and not the individual file, as I've indicated above.

[ehmen]

So is there another way to scan files online without downloading them?

[polonus]

That is MetaScan and you can have it as an extension inside your browser,
you can even pre-scan downloading inside sandboxie, but later you cancel restore file.

polonus

[ehmen]

Can a infected (document, media, etc.) file infect other similar or non similar files in the same folder or even computer just by being there?

[polonus]

An example that this is throughout possible: http://blog.trendmicro.com/trendlabs-security-intelligence/word-and-excel-files-infected-using-windows-powershell/ 

The downloaded PowerShell script also contains the necessary code to infect other Word and Excel documents with the malicious CRIGENT code. To do this, it uses PowerShell scripts to modify registry entries, which lowers the security settings of Microsoft Office.

Mind you always have to run that code for it to infect other docs .... simply storing it in the same folder as a clean will not infect. Additional info. thanks Pondus.

polonus

[ehmen]

But that affects general settings, or also infects specific files as well?