Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: VirusTotal + HerdProtect - Check Files with Simultaneously

28 Feb 2015   #20
Midori

Primary OS: Archlinux with Kde-Plasma5 x86-64. Secondary OS: Windows 8.1 x64. UEFI Setup.
 
 

Tiny code update to my own script on 'Post 6' to be able to process paths like 'Program Files (x86)' by using also 'EnableDelayedExpansion' in the main part.
Script will not be able to read files or paths using '!', but that is less important than every special character breaking the script.

Have a good day ^^.


My System SpecsSystem Spec
.
29 Sep 2016   #21
Tranquil Hegemo

Windows 7 64bit
 
 

Has something changed or is my PC having a hissy fit of some description. Tried to check a couple of files this morning only to be greeted with the following:

Code:
***** VIRUSTOTAL *****
e:\users\butters\desktop\f5 stuff\cfgwkst.pdf:
        Verified:       Unsigned
        File date:      12:16 30/08/2016
        Publisher:      n/a
        Company:        n/a
        Description:    n/a
        Product:        n/a
        Prod version:   n/a
        File version:   n/a
        MachineType:    n/a
        VT detection:   0/53
        VT link:        https://www.virustotal.com/file/ce3cf51eef902276ab6e0e05
583a5945d0aa7ad54abb3042270a45e5c6afa2a4/analysis/
***** HERDPROTECT *****
        Unknown file

Press any key to continue . . .
Tried it with another pdf file and a couple of other random files as well with similar results.
My System SpecsSystem Spec
29 Sep 2016   #22
Midori

Primary OS: Archlinux with Kde-Plasma5 x86-64. Secondary OS: Windows 8.1 x64. UEFI Setup.
 
 

The scripts in this thread do not send/scan files.
What these scripts do, is lookup the database of Virustotal and Herdprotect (AKA Check Files).

For Virustotal, the program 'sigcheck.exe' is used to lookup.
For Herdprotect, the SHA1 hash is used to download the HTML page. After downloading, the page is read and used.
If the HTML page does not contain a line containing the text 'Scanner detections:', the file was never identified before.

PDF's, Images, etc usually do not contain alot of metadata info. That is why you see alot of N/A on these tags, this does not affect the lookup though.

If the script were to send every file to the server, the checks might take long time and unless their server rejects already scanned files, they might be spammed from repeated continuous file uploads.
Else I could have make it 'optionally' send unknown files through my script, if i know how to. That way It can contribute to increasing the database of Herdprotect :3.


If in doubt still, I recommend try my script in post #6. Mine is more functional and you might have more luck with it.

Unrelated: Hey Tookeri, after more than a year of leaving alone, my script still works .
My System SpecsSystem Spec
Comment

 VirusTotal + HerdProtect - Check Files with Simultaneously




Tutorial Tools Search this Tutorial
Search this Tutorial:

Advanced Search




Similar help and support threads
Windows 7 Tutorial Category
Process Explorer + VirusTotal (to check all processes with 50+ AV's)
Process Explorer by Sysinternals(Microsoft) is a more advanced alternative to Windows Task Manager VirusTotal.com is a multi-engined scanner service from Google with more than 50 different anti-virus products including: AVG, Avast, Avira, BitDefender, ESET, F-Secure, GData, Kaspersky,...
Tutorials
VirusTotal getting annoying cause of FPs
I use sigcheck from Sysinternals to once a month or so check all executable images in system32\drivers and system32 on VirusTotal. Usually there's only a few false positives, mostly from AegisLab and sometimes from ByteHero. I don't know these two engines but from what I've seen so far, I'm not...
System Security
herdProtect: Malware Detection
herdProtect by Reason Malware Detection: herdProtect, a multi-engine cloud based scanner ! Warning ! Effective malware remediation often requires specialized knowledge and tools. You can use this tutorial on your own, but it is best to have the guidance of a SevenForums (SF) member...
Tutorials
VirusTotal Uploader
VirusTotal Uploader VirusTotal Uploader (VTup) adds an Explorer context menu that allows you to right click on a file detected as suspicious by any malware scanner or Anti-Virus (AV) application and send it to VirusTotal (VT) for further analysis. . 1. Read the VTup online documentation. ...
Tutorials
HerdProtect getting stopped by AVG
Hi, I just downloaded and tried to run Herd Protect. Then AVG popped up with a security threat. The first time i clicked the "allow threat" The second and third time I clicked "remove threat." Then I turned off AVG in the task manager. But Herd Protect stayd stuck and the AVG window kept returning....
System Security
Open more than 15 files simultaneously from explorer
I often have a need to open many files simultaneously from explorer (e.g. file1.txt, file2.txt, file3.txt, etc.). In Windows XP, I can select, say 30 files, and open them all by selecting them in an explorer window and either hitting "enter" or selecting "open" from the right mouse context dialog...
General Discussion


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 05:29.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App