VirusTotal
VirusTotal is a web service that analyzes submitted files for known viruses and other malware. It incorporates dozens of antivirus engines from different vendors, updated regularly with new signatures. Participating antivirus vendors can get alerts when a file is not detected by their product but is by someone else's. For downloads and more information, visit the VirusTotal homepage.
- Popularity
- #94, new!
- Links
- Rating
- ★★★½ (3)
★★★★★33% ★★★★33% ★★★0% ★★33% ★0%
Great IDEA for a tool / website, but fatally flawed in two ways: no non-GUI interface (e.g., upload via tool or script) and much worse it doesn't work with text-based browsers. This means that if I want to submit a sample I have to download it to an actual machine I use -- very dangerous for suspected malware! -- and point-click-point-navigate-click-etc. to get it uploaded.
It is a very nice website. It scans an uploaded file with 43 different antivirus software and returns the results of each. After a file is scanned, the hash is remembered so if someone else scans the same file it can give them the results of the last scan instantly. It will allow the file to be re-scanned in case it didn't catch malware that was present before but wasn't in its virus definitions at the time. Not only does it scan the file, but it gives detailed information about it. For example, here's a small section of the file info for a PDF book: MIMEType.................: application/pdf PageLayout...............: OneColumn ModifyDate...............: 2008:11:30 23:24:50-05:00 CreatorTool..............: Acrobat PDFMaker 9.0 for Word Producer.................: Adobe PDF Library 9.0 There was a lot more info then just that.
The site will allow you to vote on whether a file is safe or not, and it will display the votes along with the scan results, just in case all 43 scanners happened to miss something.
If you are using Windows, you can download an app from the site that allows you to right click any file on Explorer, go to "Send To", and select "VirusTotal". It's very handy.
In case you want a site scanned for potentially malicious script on the pages, VirusTotal has a URL scanning feature where it will use 19 different antivirus software to check the site. It will tell whether it contains malicious downloads and whether it contains malicious script embedded on the webpage. I scanned a malicious site with it (offended.wikipaste.eu), and it recognized it as such, telling me not to go there. It also gave me technical info about the site. Here is some of what it returned: via: HTTP/1.1 GWA x-powered-by: PHP/5.3.8-1+b1 x-google-cache-control: remote-fetch vary: Accept-Encoding server: Apache/2.2.16 (Debian) date: Sat, 10 Mar 2012 21:51:54 GMT content-type: text/html; charset=utf-8 The site was recognized as malicious by 5 out of the 19 antivirus software used to analyze it.
Overall, this is an amazing site. Sorry for such a tl;dr review, but I really like this site.
Great site. very short queue times, offers secure file transfer if needed. i have gotten a few false positives from this site, but most of them were exploit tools and the like anyway, so its to be expected. parse files through 41 (i think) different AV scanners, and lists results for each. easy to use, quick and simple.