Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Online Scanners - Scan Suspicious Files on your PC

09 Feb 2013   #10
Britton30
Microsoft MVP

Windows 7 Ultimate X64 SP1
 
 

Good work Colin, out of the four scanners you show, I had only heard of/used VirusTotal. It's always good to have more tools.


My System SpecsSystem Spec
09 Feb 2013   #11
kado897

Microsoft Community Contributor Award Recipient

Microsoft Windows 7 Home Premium 64-bit Service Pack 1
 
 

It looks like Virus Total is the only one that can scan URLs though.
My System SpecsSystem Spec
09 Feb 2013   #12
Golden
Microsoft MVP

Windows 7 Ult. x64
 
 

Thanks kado - I removed the s.
My System SpecsSystem Spec
09 Feb 2013   #13
Golden
Microsoft MVP

Windows 7 Ult. x64
 
 

Thanks gary.
My System SpecsSystem Spec
.

09 Feb 2013   #14
koolkat77

Microsoft Community Contributor Award Recipient

Windows 10 Home 64Bit
 
 

I'm adding this link to my BSOD AV scan recommendation templates.

Good work
My System SpecsSystem Spec
09 Feb 2013   #15
Golden
Microsoft MVP

Windows 7 Ult. x64
 
 

Thanks Koolkat
My System SpecsSystem Spec
10 Feb 2013   #16
marsmimar

Microsoft Community Contributor Award Recipient

 
 

Very nice, Colin. Another great resource for malware issues.
My System SpecsSystem Spec
10 Feb 2013   #17
Golden
Microsoft MVP

Windows 7 Ult. x64
 
 

Cheers mate.
My System SpecsSystem Spec
16 Jan 2014   #18
rmangalore

32
 
 

Metascan Online is by far the best option out of all these. Not only is it faster than VirusTotal but recently Metascan Online received a UI facelift that looks absolutely stunning. Metascan Online also offers a free public API. Definitely give the new www.metascanonline.com a look!
My System SpecsSystem Spec
17 Oct 2015   #19
BillR5

Multiple: XP, Vista32, 7(64), 7(32), 8.1(64), 10(64)
 
 
Updated Info

Great information but slightly stale.

VirusTotal offers the most scanners and Jotti the fewest (but almost all are major vendors). VT might be the best for developers trying to avoid false positives but otherwise any of the four will be roughly equally effective at finding malware.

Note that results for the same vendor/product may vary slightly among these metascan sites and between these sites and a vendor site or a client install for numerous reasons. A few of these are: Windows v. *nix engine; options/settings including heuristics sensitivity or number of active engines; last engine or signature update; other features/tools included in the client install like HIPS; and virtual environment software.

VirusTotal.com - 128MB file max

Several 3rd party and VT itself (obscurely located in browser and desktop sections of their doc) created tools (32? MB limit) improve access. Also supports searches by file hash and by URL and IP for reputation. I'm not sure how well VT informs users when limits are exceeded.

Metascan-Online.com (note hyphenation; non-hyphenated URL is iffy) - 140MB file max. 500 file max per archive. xx nesting levels (e.g., zip an already compressed install file that contains a compressed library).

Metascan-Online by OPSWAT clearly has the best online interface with rescan option, scan history, and separate results for archive components. Also supports searches by file hash and by IP for reputation (maybe URL forthcoming?). Usually the fastest, but does have lower per hour or per day submission limits. Browser integration is spotty but promising. Uses MS Windows version of scan engines (most also include Linux signatures and many include Android and iOS malware signatures). OPSWAT has expanded other products into the Linux, Android, and iOS markets but I don't know their plans for expanding Metascan-Online.

Web interface does have a few quirks. Files originally scanned within an archive are difficult/impossible to rescan individually (known issue). Worse, results for unavailable engines (e.g., being updated) are reported as if a pass (it's not a flaw; it's a feature). This can lead to confusion, especially when comparing results over time (e.g., "8/43" last week and "7/43" this week DOES NOT MEAN at least one VENDOR EVALUATION CHANGED: it might really be "8/43" last week and "7/42--1 unavailable" this week!!). A small enhancement might include summarizing the number of favorable, unfavorable, and reclassification changes since the prior run. Cavils aside, this is easily the best web interface.

Jotti.org - JottiQ is a handy 3rd party tool. Usually slower than Metascan-Online and VirusTotal. Jotti is *nix based but all(?) engines include MS Windows malware signatures.

VirScan.org - 20MB max. 20 file max per archive. Usually the slowest of these four with the least flexibility so I rarely use it.

Off Topic: URLvoid.com is also a good metascanner for URLs and IPs.
My System SpecsSystem Spec
Comment

 Online Scanners - Scan Suspicious Files on your PC




Tutorial Tools




Similar help and support threads
Windows 7 Tutorial Category
Using virtual machine to open suspicious PDF files.
How safe is it to open an infected file on a virtual machine? Is there no chance that the computer hosting the VM will get infected? What if it's a plug and play malware that can be transferred by USB key? Wouldn't both the host computer and the VM machine become infected if you plug in a USB...
Virtualization
Suspicious ocx-files with weak certificate, according to HitmanPro
HitmanPro reports a few "suspicious" ocx-files in the C:\Windows\SysWOW64\ folder on my notebook (Dell Studio 1558, Windows 7 Home Premium 64 bit). The filenames are COMCT332.OCX, COMDLG32.OCX, ... PICCLP32.OCX, etc. (May be the files were installed there by Visual Basic 6.) HitmanPro calls...
System Security
Files and folders disappeared from my desktop - suspicious registry.
Hi guys, Suddenly all files, folders and icons that were on my desktop have disappeared. 1. tried making "show hidden files", no luck. 2. tried using recovery software, but it did not find any of this files, so I assume they were not deletes. 3. c:/user/.../desktop does look empty from...
System Security
Virus Total Online Scan
To all you security people, this is probably old news, but I am excited. I just recently learned about this online virus scan, that uses multiple AntiVirus scan engines to check for any "bad guys". Using this free scan will avoid the problem of using one anti virus that may miss the problem. In...
System Security
Need suspicious files analyzed(network)
If someone in the know wouldn't mind looking at these files for me, it will be greatly appreciated! This all started with a system crash a few days ago. What I thought was a crash due to OC parameters, seems to be something entirely different. I have found NUMEROUS signs of a virtualization of my...
System Security
Question about suspicious files winpatrol detected
I opened up winpatrol today to check for updates,then went through the various tabs and found the following suspicious files(the links are to virustotal analysis for the files that i uploaded).... ...
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 22:12.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App