VirusTotal is a

website A website (also written as a web site) is a collection of web pages and related content that is identified by a common domain name and published on at least one web server. Examples of notable websites are Google Search, Google, Facebook, Amaz ...

created by the Spanish security

company A company, abbreviated as co., is a Legal personality, legal entity representing an association of people, whether Natural person, natural, Legal person, legal or a mixture of both, with a specific objective. Company members share a common p ...

Hispasec Sistemas. Launched in June 2004, it was acquired by

Google Google LLC () is an American multinational technology company focusing on search engine technology, online advertising, cloud computing, computer software, quantum computing, e-commerce, artificial intelligence, and consumer electronics. ...

in September 2012. The company's ownership switched in January 2018 to

Chronicle A chronicle ( la, chronica, from Greek ''chroniká'', from , ''chrónos'' – "time") is a historical account of events arranged in chronological order, as in a timeline. Typically, equal weight is given for historically important events and lo ...

, a subsidiary of

. VirusTotal aggregates many

antivirus Antivirus software (abbreviated to AV software), also known as anti-malware, is a computer program used to prevent, detect, and remove malware. Antivirus software was originally developed to detect and remove computer viruses, hence the name. ...

products and online scan engines called Contributors. In November, 2018, the Cyber National Mission Force, a unit subordinate to the U.S. Cyber Command became a Contributor. The aggregated data from these Contributors allows a user to check for viruses that the user's own antivirus software may have missed, or to verify against any

false positive A false positive is an error in binary classification in which a test result incorrectly indicates the presence of a condition (such as a disease when the disease is not present), while a false negative is the opposite error, where the test result ...

s. Files up to 650 MB can be uploaded to the website, or sent via email (max. 32MB). Anti-virus software vendors can receive copies of files that were flagged by other scans but passed by their own engine, to help improve their software and, by extension, VirusTotal's own capability. Users can also scan suspect

URL A Uniform Resource Locator (URL), colloquially termed as a web address, is a reference to a web resource that specifies its location on a computer network and a mechanism for retrieving it. A URL is a specific type of Uniform Resource Identifie ...

s and search through the VirusTotal dataset. VirusTotal uses the Cuckoo

sandbox A sandbox is a sandpit, a wide, shallow playground construction to hold sand, often made of wood or plastic. Sandbox or Sand box may also refer to: Arts, entertainment, and media * Sandbox (band), a Canadian rock music group * Sandbox ( ...

for dynamic analysis of

malware Malware (a portmanteau for ''malicious software'') is any software intentionally designed to cause disruption to a computer, server, client, or computer network, leak private information, gain unauthorized access to information or systems, depri ...

. VirusTotal was selected by ''

PC World ''PC World'' (stylized as PCWorld) is a global computer magazine published monthly by IDG. Since 2013, it has been an online only publication. It offers advice on various aspects of PCs and related items, the Internet, and other personal tech ...

'' as one of the best 100 products of 2007.

Products and services

Windows Uploader

VirusTotal's Windows Uploader was an application that integrates into the Explorer's (right-click) contextual menu, listed under ''Send To > Virus Total''. The application also launches manually for submitting a URL or a program that is currently running in the OS. VirusTotal stores the name and various hashes for each scanned file. Already scanned files can be identified by their known (e.g., VT default)

SHA256 SHA-2 (Secure Hash Algorithm 2) is a set of cryptographic hash functions designed by the United States National Security Agency (NSA) and first published in 2001. They are built using the Merkle–Damgård construction, from a one-way compression ...

hash without uploading complete files. The SHA256 query

has the form https://www.virustotal.com/latest-scan/SHA256. File uploads are normally limited to 128 MB. In 2017 VirusTotal discontinued support of the Windows Uploader.

Uploader for Mac OS X and Linux

Same as the Windows app you upload the file (via the app's UI or context menu) then you will be given back a result. The Mac OS X app can be downloaded from their website. However, you need to compile and build the app for Linux using the same core (provided in their repository) used in the Mac OS X application. Already scanned files can be identified by their known (e.g., VT default) SHA256 hash without uploading complete files.

VirusTotal for Browsers

There are several browser extensions available, such as ''VT4Browsers'' for

Mozilla Firefox Mozilla Firefox, or simply Firefox, is a free and open-source web browser developed by the Mozilla Foundation and its subsidiary, the Mozilla Corporation. It uses the Gecko rendering engine to display web pages, which implements current and a ...

, and

Google Chrome Google Chrome is a cross-platform web browser developed by Google. It was first released in 2008 for Microsoft Windows, built with free software components from Apple WebKit and Mozilla Firefox. Versions were later released for Linux, macOS ...

and ''vtExplorer'' for

Internet Explorer Internet Explorer (formerly Microsoft Internet Explorer and Windows Internet Explorer, commonly abbreviated IE or MSIE) is a series of graphical user interface, graphical web browsers developed by Microsoft which was used in the Microsoft Wind ...

. They allow the user to download files directly with VirusTotal's web application prior to storing them in the computer, as well as scanning URLs.

VirusTotal for Mobile

The service also offers an

Android Android may refer to: Science and technology * Android (robot), a humanoid robot or synthetic organism designed to imitate a human * Android (operating system), Google's mobile operating system ** Bugdroid, a Google mascot sometimes referred to ...

App that employs the public

API An application programming interface (API) is a way for two or more computer programs to communicate with each other. It is a type of software Interface (computing), interface, offering a service to other pieces of software. A document or standa ...

to search any installed application for VirusTotal's previously scanned ones and show its status. Any application not previously scanned can be submitted, but an API key must be provided and other restrictions to public API usage may apply (see #Public API).

Public API

VirusTotal provides as a free service a public API that allows for automation of some of its online features such as ''"upload and scan files, submit and scan URLs, access finished scan reports and make automatic comments on URLs and samples"''. Some restrictions apply for requests made through the public API, such as requiring an individual API key freely obtained by online signing up, low priority scan queue, limited number of requests per time frame, etc.

Antivirus products

Antivirus engines used for detection for uploading files.

Website/domain scanning engines and datasets

Antivirus scanning engines used for URL scanning.

File characterization tools & datasets

Utilities used to provide additional info on uploaded files.

Privacy

Files uploaded to VirusTotal may be shared freely with anti-malware companies and will also be retained in a store. The VirusTotal ''About Page'' states under ''VirusTotal and confidentiality'':

Files and URLs sent to VirusTotal will be shared with antivirus vendors and security companies so as to help them in improving their services and products. We do this because we believe it will eventually lead to a safer Internet and better end-user protection. By default any file/URL submitted to VirusTotal which is detected by at least one scanner is freely sent to all those scanners that do not detect the resource. Additionally, all files and URLs enter a private store that may be accessed by premium (mainly security/antimalware companies/organizations) VirusTotal users so as to improve their security products and services.

References

External links

* {{DEFAULTSORT:Virustotal Antivirus software Freeware Google acquisitions Internet properties established in 2004 2012 mergers and acquisitions