Windows 7: VirusTotal Uploader


VirusTotal Uploader

Add 'Send to VirusTotal' to the Explorer context menu
Published by Slartybart
20 Jul 2014

VirusTotal Uploader (VTup) adds an Explorer context menu that allows you to right click on a file detected as suspicious by any malware scanner or Anti-Virus (AV) application and send it to VirusTotal (VT) for further analysis.


1. Read the VTup online documentation.
2. The install process for VTup is described on the download page for the utility.
Read the page before downloading to become familiar with the utility; more details are provided on the pages linked in the Prepare stage of this guide.

On the VTup download page, click on the Install VirusTotal Uploader button.
On the Do you want to run or save ... Action Bar
Select Run
Follow the instructions presented during the install.

3. Launch Windows Explorer and navigate to the quarantine folder of the scanner or AV program.
For each file in quarantine, right click and select Send to VirusTotal

A VirusTotal page is opened in your browser with information similar to the samples below. The VT summary analysis page consists of the following:

SHA256: the SHA-256 (Secure Hash Algorithm, 32-bit word) hash of the file
File name: the file you sent to VirusTotal for analysis
Detection ratio: VirusTotal uses numerous Anti-Virus (AV) engines to analyze files. It compares a known SHA256-Filename pair to the SHA256 value of the file that you sent for analysis.
The ratio is the number of AV engines that detected the file as malicious / the number of AV engines used to inspect the file. A low ratio indicates that the file is probably safe.
Analysis date: the most recent analysis of the SHA256-Filename pair
Analysis meter: quick analysis indication (threat, indeterminate, safe)
Votes: Yea or Nay votes on the file cast by knowledgeable VirusTotal members based on their own experience with the file. The VirusTotal member might have also posted a comment about their vote which would give you more information about the meter.
The bad / good meter represents how members voted - it is not a statistical analysis.

There are additional research tabs at the bottom of the summary page that might need to be referenced in order to make a decision.

issetup.dll: None of the AV engines determined that the file is malicious (Detection ratio 0 / 50)
The Probably harmless! green bar indicates that the file is probably safe to restore to its original location.


unins000.exe: One of the AV engines determined that the file is malicious (Detection ratio 1 / 47)
This report provides information on the AV engine that detected the file as malicious. You can read more information on the research tabs.
The Probably harmless! green bar indicates that the file is probably safe to restore to its original location.


acceptor.uno.dll: One of the AV engines determined that the file is malicious (Detection ratio 1 / 48)
This report provides information on the AV engine that detected the file as malicious. You can read more information on the research tabs.
The report on this file is indeterminate; there is no Probably harmless! green bar.
You have to decide the disposition of the file based on the Detection ratio and by reading the information on the additional research tabs.
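
Added example (not part of the original tutorial and not VirusTotal or VTup code): before acting on a Detection ratio, confirm that the SHA256 shown on the report is the hash of the exact file sitting in quarantine, since a file name alone does not identify a file. The function names, the sample file and the all-zero hash below are constructed for illustration.

```python
import hashlib
import os
import re
import tempfile


def sha256_file(path, chunk_size=1 << 20):
    """Hash a file in chunks so large quarantine items are not loaded whole."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def parse_ratio(text):
    """Turn a Detection ratio such as '1 / 47' into (detections, engines)."""
    match = re.fullmatch(r"\s*(\d+)\s*/\s*(\d+)\s*", text)
    if not match:
        raise ValueError("not a detection ratio: %r" % text)
    hits, engines = int(match.group(1)), int(match.group(2))
    if engines == 0 or hits > engines:
        raise ValueError("implausible detection ratio: %r" % text)
    return hits, engines


def check_report(path, report_sha256, ratio_text):
    """Confirm the report describes this exact file before reading its ratio."""
    local = sha256_file(path)
    hits, engines = parse_ratio(ratio_text)
    return {
        "file": os.path.basename(path),
        "local_sha256": local,
        "same_file": local == report_sha256.strip().lower(),
        "detections": hits,
        "engines": engines,
    }


def demo():
    """Constructed sample: a 3-byte stand-in file, not a real quarantine item."""
    with tempfile.TemporaryDirectory() as folder:
        path = os.path.join(folder, "sample.bin")
        with open(path, "wb") as fh:
            fh.write(b"abc")
        matching = sha256_file(path).upper()  # as if copied from the report
        return [check_report(path, matching, "1 / 47"),
                check_report(path, "0" * 64, "0 / 50")]


if __name__ == "__main__":
    for row in demo():
        print(row)
```

A row with same_file set to False means the report belongs to different bytes, so its Detection ratio says nothing about the file in quarantine.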

If SF members are assisting you, post a screen shot of the VirusTotal report for any file in question.
See: How to attach files and screen shots
