Excellent software and practical tutorials
VirusTotal Free virus, worm, trojan and various malware analysis service
VirusTotal VirusTotal is a website created by the Spanish security company Hispasec Sistemas. It was launched in June 2004 and acquired by Google in September 2012. VirusTotal is a free virus, worm, trojan and variousMalware AnalysisThe service can quickly detect suspicious files and URLs, originally maintained by Hispasec. It is different from traditional antivirus software in that it scans files through multiple antivirus engines. Using multiple antivirus engines allows users to determine whether the uploaded files are malware based on the detection results of each antivirus engine.
VirusTotal is a well-known free online virus, Trojan and malware analysis service. After being acquired by Google, it has become part of Google Android's built-in anti-virus and Chrome browser's built-in security features.
Now Google has used this technology to launch VirusTotal Uploader, a free virus-checking software for Windows and Mac systems. This software is completely free and can help computer users check for viruses more conveniently. If you don't like to install anti-virus software that stays in the background, but you often download files on the Internet or receive documents from others, you can use VirusTotal Uploader to scan to ensure safety.
Online antivirus website:https://www.virustotal.com/
VirusTotal also provides several client tools to help users interact with the VirusTotal service more seamlessly. These tools are available for major operating systems, see the section that's best for you.
Desktop App:https://support.virustotal.com/hc/en-us/articles/115002179065-Desktop-Apps
Desktop App
VirusTotal also provides several client tools to help users interact with the VirusTotal service more seamlessly. These tools are available for major operating systems, see the section that's best for you.
Windows Uploader (unmaintained)
Discontinued support for Windows Uploader:
We will stop updating the official Windows uploader from 2017 (see VirusTotalUploader for alternative 3rd party open source uploaders)
It is a simple Microsoft Windows desktop application that makes it easy to interact with VirusTotal with just a right-click of your mouse. No technical background is required.Download the app hereand start using it right away.
Send the file to VirusTotal
This task can be easily accomplished using VirusTotal Uploader. Once you have downloaded and installed the uploader, simply right-click on the file you wish to upload and selectSend toSelect the VirusTotal option from the context menu:
You can also run VirusTotal Uploader (e.g. by clicking its desktop shortcut icon) and click the “Select file and upload” button:
Even easier, just select the files you want to upload and drag them into the VirusTotal Uploader's window.
Note that you can also use the VirusTotal Uploader from the command line. You just need to provide one or more files as arguments:
C:\path\to\vt\uploader\VirusTotalUpload2.exe file_to_upload.exe
Scanning running processes
Some malware samples continue to run on the system as normal processes. This is what the antivirus industry calls active malware. VirusTotal Uploader includes a feature that helps users identify active malware:Upload process executablebutton. When you click this button, VirusTotal Uploader will attempt to find and read the process's image file and send it to VirusTotal for analysis.
Capture and scan online documents
Another handy option is to have VirusTotal fetch and scan an online file without you having to download it first. Enter the URL, or right-click it and select “Copy link location” to cut and paste it, then click “Get and upload button. The file will be downloaded but not saved to your hard drive (by default). You will get the usual list of results and can then decide whether you want to download it.
Since the vast majority of malware infections begin as web downloads or email attachments, we believeGet and uploadOptions are very useful.
The VirusTotal Uploader can also be configured to download files to a temporary folder and delete them afterwards, or to automatically delete them by clicking Options." button to store them in a specific location.
Mac OS X Uploader
This Apple OS X desktop application makes interacting with VirusTotal easy: just drag and drop files into the application to scan them. No technical background required.Download the app hereand start using it right away.
Scanning Documents
Using the Uploader, you can scan files in a number of ways:
Drag and drop files onto the app to scan.
From FileSelect the file you want to scan from the menu.
Right-click or Control-click the file, clickOpenMethod, and then select the VirusTotal Uploader app.
For example, drag and drop a file into the application window:
Linux Uploader
While we haven't built a dedicated Linux uploader itself, it is possible to compile the Mac OS X uploader core for your distribution, and since it uses Qt, it can be used cross-platform.You can find it at https://github.com/VirusTotal/qt-virustotal-uploaderClone the project and build it for your platform.
Third-party uploaders
How VirusTotal works
VirusTotal checks items with over 70 antivirus scanners and URL/domain blacklist services, in addition to numerous tools to extract signals from research content. Any user can select a file from their computer using a browser and send it to VirusTotal. VirusTotal offers multiple file submission methods, including the main public web interface, desktop uploader, browser extensions, and programmatic API. The web interface has the highest scanning priority among the publicly available submission methods. Submissions can be scripted in any programming language using the public HTTP-based API.
As with files, URLs can be submitted in a number of different ways, including the VirusTotal web page, browser extensions, and APIs.
After submitting a file or URL, the basic results are shared with the submitter and also among checking partners, who use the results to improve their own systems. Therefore, by submitting files, URLs, domains, etc. to VirusTotal, you are contributing to improving the level of IT security worldwide.
This core analysis is also the basis for several other features, including the VirusTotal community: a network that allows users to comment on files and URLs and share notes with each other. VirusTotal can be used to detect malicious content, but it can also be used to identify false positives - normal, harmless items that are detected as malicious by one or more scanners.
Freedom and Justice
VirusTotal is provided free of charge to end users for non-commercial use under our Terms of Service. Although we use engines belonging to many different organizations, VirusTotal does not distribute or promote any of these third-party engines. We simply act as an aggregator of information. This allows us to provide an objective and unbiased service to our users.
Many Contributors
VirusTotal's aggregated data is the output of many different antivirus engines, website scanners, file and URL analysis tools, and user contributions. The file and URL characterization tools we aggregate cover a wide range of uses: heuristic engines, known bad signatures, metadata extraction, malicious signal identification, and more.
Improving global IT security through sharing
Scan reports generated by VirusTotal are shared with the public VirusTotal community. Users can comment and vote on whether specific content is harmful or not. In this way, users contribute to the community's collective understanding of potentially harmful content and identify false positives (i.e., harmless items that are detected as malicious by one or more scanners).
The content of the submitted file or page may also be shared with premium VirusTotal customers. The file corpus created in VirusTotal provides cybersecurity professionals and security product developers with valuable insights into emerging cyber threats and malware behavior. Through our Premium Services commercial offering, VirusTotal provides qualified customers and antivirus partners with the tools to perform sophisticated, standards-based searches to identify and access harmful file samples for further research. This helps organizations discover and analyze new threats and develop new mitigations and defenses.
Real-time updates
VirusTotal frequently updates malware signatures as they are distributed by antivirus companies, which ensures that our service uses the latest set of signatures.
In some cases, website scanning is done by querying vendor databases that have been shared with VirusTotal and stored on our premises, while in other cases it is done by querying anti-virus companies’ solutions via APIs. Therefore, once a given contributor blacklists a URL, it is immediately reflected in user-facing verdicts.
Detailed results
VirusTotal will not only tell you whether a given antivirus solution detected a submitted file as malicious, but will also display the detection label for each engine (e.g. I-Worm.Allaple.gen). The same is true for URL scanners, most of which will differentiate between malicious sites, phishing sites, suspicious sites, etc. Some engines will provide additional information, explicitly stating whether a given URL belongs to a specific botnet, which brand was the target of a given phishing site, and so on.
