Sometimes when I download files to my system I'm cautious to execute them even if residential antivirus programs running on the PC have not picked up anything yet.
I prefer to double-check -- sometimes even triple-check -- files before I execute them on the system, especially if I'm not trusting the website I downloaded them from.
Virustotal is my go-to service for these kind of things. I can use the service on the website directly, which is fine when I'm working on a third-party computer for example or when I want to check a file that I have not downloaded yet.
What I prefer to do most of the time to speed things up though is to use a program like Virustotal Uploader straight from the desktop. The program is great, offers a user interface that lets you scan multiple files in a heartbeat, and also comes with Explorer integration to quickly scan files from there.
If you prefer a program that is more bare-bones than that, you may want to take a look at VT Hash Check. It adds a "Check File Hash" option to Windows Explorer that you can use to quickly compute the file hash and check it against VirusTotal's database.
Note that it won't upload files to VirusTotal. If a file hash is not found in the service's database, it offers to load the VirusTotal website in the default system browser so that you can upload the file directly on it.
While this is not as comfortable as what VirusTotal Uploader offers, it may be suitable on systems where bandwidth should not be wasted on file uploads.
Before you can check any file against VirusTotal's database, you need to enter an API key into the settings. For that, you need to create an account over at the website first.
Reports are displayed in a new window on the screen. The top lists the number of hits -- meaning antivirus engines that detected malicious code. Below that is a table of all engines and their results, including the name of the virus found in the file. A click on Full Results opens them on VirusTotal's website.
The Tools menu at the top of the results window displays interesting options. Here you can export the results to csv, txt or json files, use TrID to identify the file, or request a rescan of the file.
If you are using VirusTotal Uploader, then there is little reason to download and install VT Hash Check as well. The only feature that it adds to the table is the file identification using TrID, which could be useful especially when malicious users have renamed files to avoid detection.Advertisement
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.