Ways to submit and scan, files and URLs using Multiple AntiVirus engines at VirusTotal

There are many online malware scanners which use multiple antivirus engines to scan suspicious files, like virustotal.com, jotti.org,  novirusthanks.org, virus.org, virscan.org, viruschief, filterbit, metascan, etc. VirusTotal is one of the popular websites that lets you scan a file for malware using more than 40 antivirus engines and definitions.

All you have to do is upload the suspicious file to the Virus Total site, and they will analyze the file using several Anti-Virus engines.

Another nifty feature of VT is that you can scan URLs as well. Thus if you have to download files from previously unknown location, it is better to scan the file using Virus Total before actually downloading it.

Using VirusTotal

1) First right click the download link and copy the URL.

2) Now go to Virus Total website and click Submit a URL. Here for testing purpose, I have used the link to our Ultimate Windows Tweaker utility.

Using VirusTotal

3) Paste the URL into the appropriate field and click Submit URL.

Virus Total will first check the URL to see if the site has been previously reported for suspicious activities. If the results show that the site is not clean, there’s a good chance that the download is also infected.

As TWC is a perfectly safe site, 10 out of 12 engines gave a clean site tag. BitDefender engine at the time of testing seemed down, and Wepawet gave an unrated tag.

4) Now to check whether the download is infected, click View downloaded file analysis.

Now Virus Total will display the scan results of over 40 Anti-Virus engines including popular ones such as Avast, AVG, McAfee, etc.

Here none of the virus engines found any malware in UWT.

If the file that you scanned contains malware, it will the type of malware will be shown under results in red letters. In that case, you shouldn’t download it, and if the malware came as an attachment to an email, it is better to delete that email.

If you don’t want to go through the above process to check for malware, by visiting the VirusTotal website you can also make use of the Virus Total Browser extensions for Internet Explorer (VTExplorer – IE extension), Chrome (VTchromizer – Chrome extension) or Firefox (VTzilla – Firefox Plugin). After installing the extension, all you have to do is right click the download link and click Scan with Virus Total as shown below.

VirusTotal also offers a desktop utility called as VirusTotal Uploader. After installing it, you can simply right-click any file under 20MB and choose “VirusTotal” from the Send To Windows menu. The scan results will display in your browser as usual.

The utility also adds an item ‘Send To VirusTotal to the context menu, which makes things even more easier. Jotti.org too have a desktop file scanner called JottiQ. X-ray a freeware that automates the process of submission of malware files may also interest you.

VirusTotal also allows you to send suspicious through email and receive the scan results back in your mailbox. The files are to be uploaded as email attachments, and the results can be received either in plain text or XML. To do so, attach the file (less than 20 MB) to be scanned and mail it to scan@virustotal.com with the word SCAN in the subject line. You will receive the results in text format. If you want them as an XML attachment, type SCAN+XML in the subject field instead.

Posted by on , in Category Security with Tags
Currently pursuing Bachelors in Electronics, the author Nithin Ramesh is a technology blogger. Apart from technology his other interests include cricket and rock music.