Wednesday, April 11, 2012

, , , , ,

Increasing the family

Wednesday, April 11, 2012 Marco de la Vega 7 comments
Today we have released a new VirusTotal version, as usual, we would like to share with you the modifications and enhancements:

  • New URL scanning engines and malicious URL/domain datasets have been integrated in our URL scanner: Antiy-AVLK7AntiVirusMalware Patrol, Minotaur, WoT and zvelo. We want to give a warm welcome to all of them!
  • Whenever a scanned URL is a redirector, the redirected URL is also queued for scanning. The additional information section of the redirector URL will link to the report of the redirected URL. For example, that's exactly what happens when you scan, since it redirects to (SSL), you will see the redirected URL report link in the additional information section:
  • The National Software Reference Library information is back on VirusTotal and appears in the additional information section of the file scan reports whenever the analysed file is found in the NSRL database:
  • Many users missed the old interface's VirusTotal Community summary in file and URL reports. The summary box used to detail the number of users that voted a resource as malicious/benign and the aggregated reputation points of these users. In coherence with the requests received, we have added a Votes tab and the end of reports that shows who voted on a given resource and the number of file/URL reputation credits that the vote added to the file/URL's karma. Please note that the file/URL karma is computed via a formula that takes into account user votes, user reputation credits and other heuristics based on the different tools integrated in VirusTotal.
  • Certain tools were acting on the files but were not being displayed in the new interface (yet the old interface did show them), they now are displayed as usual in the additional information section: Clam AV potentially unwanted application file tagging, Symantec suspicious-insight file tagging, F-Secure Deepguard file tagging, Androguard android file analyser, Antiy-AVL unpacker, F-Prot unpacker, PE compilation timestamp, PE entry point, PE target architecture (machine type), PEiD packer identifier. 
  • VirusTotal Community members can now modify their password through their user settings.
  • You may also notice minor styling changes, such as the fact that malicious/benign voting icons have changed for angel/devil emoticons. The idea behind these modifications is to make the interface more intuitive.
In the meanwhile we are cooking very exciting enhancements that we really hope will please the Community, stay tuned. As always, we would love to hear from you.


  1. Without trying to send any file I obtain always this message: " Archivo demasiado grande
    El archivo seleccionado excede el lĂ­mite de 32MB".

    It´s not possible to send any URL or file to check.!!!

  2. Same here :( The message is: "File too large. The submitted file execeeds the 32MB size limit."

  3. The old page components from cache break the site. Ctrl-F5, Shift-Refresh or similar should fix it.

  4. Hello, @nfl is right, the cached static components were breaking the site, we have made some modifications to the HTML code to force re-requesting cached static elements, please get back to us if you still experience any problems.

  5. please add prevx scanner it a good scanner it not old

  6. You say above that "Certain tools were acting on the files but were not being displayed in the new interface (yet the old interface did show them), they now are displayed as usual in the additional information section [including] Symantec suspicious-insight file tagging".

    Symantec have revived their obnoxious 'Suspicious.Insight' under the name 'WS.Reputation.1' -- apparently exactly the same piece of garbage as before except it has a new name. It is not (yet) being displayed as additional information. See, e.g.,
    The same objections apply to 'WS.Reputation.1' as to 'Suspicious.Insight' -- in particular that this is scaring away potential customers. See the page entitled "Symantec WS.Reputation.1 False Positive" at
    Please remove Symantec from the list of virus-detectors until such time as they remove 'WS.Reputation.1' -- or at least consign this rating to the additional information section, so that it doesn't pollute the overall results.

  7. Muchas gracias por este grandioso servicio, es realmente muy bueno