Check a File using multiple antivirus engines
If you need to quickly check a file for malicious code that you downloaded then Virus Total may be something you may want to take a closer look at as it is one of the most convenient services for that job.
This service stands out because it uses multiple antivirus engines instead of just one or two to scan files. The antivirus engines list looks pretty impressive because it contains 50 engines.
I was not able to find an engine that I knew of that Virustotal does not support. All the major players like Symantec, AVG, Kapersky and Avira are supported by it which means that every file will be scanned by all those engines.
Even though the file gets scanned by those 50 engines it is no guarantee that it does not contain a virus. No script or software can give you that guarantee but this looks like the best way to scan a file for malicious code and the possibility of success is greater if you use it.
The main reason why there is no 100% guarantee is that companies need time to add new signatures or virus code to their programs. While heuristic scans may help at times, it is also not a 100% surefire way.
There does not seem to be a file size limit, at least nothing is mentioned on their pages regarding a file size limit. I suspect that big files will result in an error message after a certain time. The website of the service supports file sizes of up to 64 Megabyte.
Files can be uploaded using SSL for increased security and you can block the submission of files to antivirus companies if a virus is found. This can be useful if you want to test a file containing personal or business related data.This is an important option that you may want to check most of the time because of privacy issues.
Virus Total offers another way to check files for malicious code. You can send an email to scan@virustotal.com with SCAN (or SCAN- if you do not want to distribute the sample) and no body text. Attach the file to the email and make sure that it does not exceed 10 Megabytes.
A report will be send after the scan to the email that you sent the file with. Users can also download a shell extension to send files directly from the context menu to Virus Total.
If you are using the web service, you do not necessarily need to download the files you want to check first if they are hosted on the Internet and not stored locally already.
Just switch to url on the website and paste the full path of the file into the form. Virustotal will download the file to its server and scan it for you, so that you do not have to do that.
The third and final option that you have is to generate hash values of files and paste them into the search tab on the website. A hash is a fingerprint of a file and if it is in the database, you will get the result without having to upload the file.
