Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Online Scanners - Scan Suspicious Files on your PC



Online Scanners - Scan Suspicious Files on your PC

How to Scan Suspicious Files using Online Scanners
Published by Golden
09 Feb 2013
Default Online Scanners - Scan Suspicious Files on your PC

How to Scan Suspicious Files using Online Scanners

information   Information
Sometimes files downloaded from the internet or copied from external USB storage may contain malicious content that your usual anti-malware defenses fail to detect. If you ever suspect this to be the case, you can upload these files to sites that are able scan these files more thoroughly.

The advantage of using this technique is that the files are scanned using several different engines (anti-malware products) thereby providing a greater probability of detecting malicious content.

I realise there are a plethora of online scanners available, and every person has their favorite that they swear by. However, the goal of this tutorial is to provide access to the fastest and most reputable sites with the highest number of scanning engines available. As such, this tutorial covers only these sites:
  • OPSWAT Metascan
  • VirusTotal
  • Jotti
  • Virscan
I have used the EICAR test file to illustrate the scanner report files generated by these sites.

Generally, all these sites work the same way :

1. You access the site,
2. You upload the file (you cannot load more than a single file at a time)
3. The file is scanned and a report is generated

Each site employs a different number of scanning engines, and most have several that are common to each other. Some sites provide access to lesser know engines, and most provide access to the more well known engines (e.g. ESET, Symantec, Microsoft, Kaspersky, F-Secure and Avast to name a few).

Sometimes, one or two scanning engines will flag a file as malicious, whilst the others won't. This may be a false positive, but the onus is on you to make that decision. Generally speaking, those files flagged with the more well known scanning engines should be treated with caution and assumed to be malicious.

There is a limitation on the size of file you can upload, and this varies between 20MB and 80MB depending on the site. Most sites will provide a copy of the uploaded file to the anti-malware providers, even if its not malicious, so take care when uploading files. If in doubt, read the sites privacy policy.


OPSWAT Metascan

URL : http://www.metascan-online.com/

Maximum file size limit : 80 MB

Number of scanning engines : 43

Scanning engine examples : agnitum, Ahnlab, AVG, Avira, Bitdefender, ByteHero, ClamAV, commtouch, Emsisoft, ESET, F-Prot, F-Secure, Fortinet, GFI, Hauri, Ikarus, Jiangmin, K7, Kaspersky, KingSoft, McAfee, Microsoft, Nano, nG, Norman, nProtect, Panda, Preventon, Quick Heal, Sophos, StopZilla, Symantec, SysTweak, TotalDefense, TrendMicro, Virit, VirusBlockAds, VirusBuster, Zillya! and Zoner

Usage :
Online Scanners - Scan Suspicious Files on your PC-m1.png
Report :
Online Scanners - Scan Suspicious Files on your PC-m2.png


VirusTotal

URL : http://www.virustotal.com/

Maximum file size limit : 64 MB

Number of scanning engines : 46

Scanning engine examples : agnitum, Ahnlab, AntiVir, Anti-AVL, Avast, AVG, Bitdefender, ByteHero, ClamAV, commtouch, Comodo, Emsisoft, eSafe, ESET, F-Prot, F-Secure, Fortinet, GData, Ikarus, Jiangmin, K7, Kaspersky, KingSoft, McAfee, McAfee GW Edition, Microsoft, MicroWold-eScan, Nano, Norman, nProtect, Panda, PCtools, Quick Heal, Rising, Sophos, SuperAntiSpyware, Symantec, TheHacker, TotalDefense, TrendMicro, TrendMicro HouseCall, VBA32, VIPRE and ViRobot

Usage :
Online Scanners - Scan Suspicious Files on your PC-m3.png
Report :
Online Scanners - Scan Suspicious Files on your PC-m4.png


Jotti

URL : http://www.virusscan.jotti.org/en

Maximum file size limit : 25 MB

Number of scanning engines : 21

Scanning engine examples : ArcaVir, Avast, AVG, AntiVir, BitDefender, ClamAV, CP Secure, DrWeb, eScan, ESET, Fortinet, F-Prot, F-Secure, GData, Ikarus, Kaspersky, Panda, Quick Heal, Sophos, VBA32 and VirusBuster

Usage :
Online Scanners - Scan Suspicious Files on your PC-m5.png
Report :
Online Scanners - Scan Suspicious Files on your PC-m6.png


VirScan

URL : http://www.virscan.org

File size limit : 20 MB

Number of scanning engines : 37

Scanning engine examples : a-squared, AhnLab, AntiVir, Antiy, Arcavir, Authentium, Avast, AVG, BitDefender, ClamAV, Comodo, CP Secure, DrWeb, ESET, F-Prot, F-Secure, Fortinet, DGata, Ikarus, Jianmin, Kaspersky, KingSoft, AnAfee, Microsoft, Norman, nProtect, Panda, Quick Heal, Rising, Sophos, Sunbelt, Symantec, TheHacker, TrendMicro, VBA32, ViRobot and VirusBuster

Usage :
Online Scanners - Scan Suspicious Files on your PC-m7.png
Report :
Online Scanners - Scan Suspicious Files on your PC-m8.png


warning   Warning
Online scanners are not a substitute for traditional anti-malware defenses. Ensure you always have a reputable anti-malware product installed and updated on your computer.

Regards,
Golden


Published by
09 Feb 2013   #1
boohbah

Microsoft Windows 7 Home Premium 64-bit 7600
 
 

nice tips Colin, bookmarked and stored in my online security bookmarks folder.


My System SpecsSystem Spec
09 Feb 2013   #2
Golden

Microsoft Community Contributor Award Recipient

Windows 7 Ult. x64 Windows 8.1 x64
 
 

Cheers Julian.
My System SpecsSystem Spec
09 Feb 2013   #3
Dwarf

Windows 8.1 Pro RTM x64
 
 

Thanks Colin. These will come in useful.

I do find it a bit alarming though, given that the EICAR test file is something that any AV should be able to pick up (and which indeed is an industry standard test), that not all were able to detect it. ByteHero being one such example.
My System SpecsSystem Spec
.


09 Feb 2013   #4
Golden

Microsoft Community Contributor Award Recipient

Windows 7 Ult. x64 Windows 8.1 x64
 
 

Thanks Guy.

Yes, it is a bit worrying - the image doesn't show all the culprits, but they are ByteHero, StopZilla and Systweak. Certainly products to steer clear of, at least for the time being.
My System SpecsSystem Spec
09 Feb 2013   #5
maxie

windows 7 home 64bit
 
 

Thanks Golden bookmarked will be very handy for future reference .
My System SpecsSystem Spec
09 Feb 2013   #6
Golden

Microsoft Community Contributor Award Recipient

Windows 7 Ult. x64 Windows 8.1 x64
 
 

Cheers maxie.
My System SpecsSystem Spec
09 Feb 2013   #7
Layback Bear

Windows 7 Pro. 64/SP-1
 
 

Of course like everybody else tried to rep you but not allowed.
Great information, Bookmarked.
Thank you!!
My System SpecsSystem Spec
09 Feb 2013   #8
Golden

Microsoft Community Contributor Award Recipient

Windows 7 Ult. x64 Windows 8.1 x64
 
 

No worries. Glad you find it useful.
My System SpecsSystem Spec
09 Feb 2013   #9
kado897

Microsoft Community Contributor Award Recipient

Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
 
 

The Jotti and VirScan URLs don't work for me.

Ah. They work if you remove the https:\\
My System SpecsSystem Spec
Comment

 Online Scanners - Scan Suspicious Files on your PC




Tutorial Tools



Similar help and support threads for2: Online Scanners - Scan Suspicious Files on your PC
Windows 7 Tutorial Category
Using virtual machine to open suspicious PDF files. Virtualization
Suspicious ocx-files with weak certificate, according to HitmanPro System Security
Files and folders disappeared from my desktop - suspicious registry. System Security
Virus Total Online Scan System Security
Need suspicious files analyzed(network) System Security
Question about suspicious files winpatrol detected System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 02:40 AM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33