VirusTotal delivers the collective wisdom of 32 viruskillers on-demand

10
38

Virustotal is a web service that provides on-demand scanning of your local files for worms, trojans, and all kinds of malware detected by antivirus engines. It allows you to upload any local file up to 10 megs in size and will perform a scan across 30+ different virus scanning engines (which include all of the leading heavy-hitter virus killer engines on the market).

Let’s assume for the sake of discussion that most of us have fairly competent, updated virus-killer and antispyware software and firewalls that keep malware attacks at bay. But what if you want to open a file or run an .exe that is, by your estimation, of dubious origin? It is possible for you to manually override your antispyware and firewalls merely because you are accustomed to doing so when they intercept legitimate software and files and ask for your arbitration. Or, alternately, you might have a dangerous file that is simply not being recognized as such for whatever reason by the security software you are using.

This issue is of particular concern to me as I like to think that all the software featured on Freewaregenius is malware free, and the way I “check” for this is to simply try out the software and see how the security software I run responds, which is not really a guarantee that a file is malware free.

Enter Virustotal, a service that will scan any file that you upload to it using more than 30 virus detection engines with all the latest updates, making it far more likely that if the file in question is dubious that it will be recognized as such by a subset of these engines at the very least. Here are more notes on this service:

    • Types of malware detected: can detect worms, trojans, and all kinds of malware detected by antivirus engines. This does note include adware (I tested with a known adware program),
    • Virustotal Report ScreenshotThe scanning process
    • but most (not all) of the engines will identify spyware.
    • How to upload a file: simply upload using the form on the site or email to scan[at]virustotal.com with “Scan” as subject and the file included as an attachement. Another option is to use the downloadable “VirusTotal Uploader” (see screenshot) which can upload straight from the Windows context menu. Your file in all cases can be up to 10 megs in size maximum.
: once uploaded your file will likely be entered into a queue before it is processed, but in my experience that takes less than a minute to clear. If the file has been uploaded to VirusTotal previously you are given the option to see the report that is on file or to re-scan. Virustotal will scan your file sequentially in one virus engine after another and
display the results as they become available. Typically this entire process takes less than 5 minutes, but there are high-load instances where it could take up to 15 minutes+.
  • Engines supported: include Kaspersky, NOD32, Avira, and AVG. For a complete list go here.
  • How to read the results: is up to you. check out the latest AV-Comparative tests to figure out which virus killer engines are the most effective, and of course the more warnings your file generates the more concerned you should be. What’s cool is that even when you have one or two warnings they are usually spelled out in a way that can shed some light on what the potential issue may be. See the screenshot above for an example of results.Virustotal Uploaded in the context menu
  • Statistics: some interesting numbers in the stats page.

Overall this is a fantastic service that delivers the collective wisdom of the malware-fighting community to your fingertips on demand. Note, however that this is not a substitute for having an antivirus program with real-time protection locally on your machine. For someone like myself who might need to know exactly what software I am publicizing/recommending to my readers on my site this simply is an amazing resource.

Go to the Virustotal page.