Integration with VirusTotal

It would be nice if the apps where checked against Virustotal and report back if any AV detects it (the sensibility could be configurable)
This could be additionally reported in the firewall tab with an additional column dedicated to VT

We’re working on this, thanks! Unfortunately the checking can’t be automatic because I think would complain, because we have a million users now. It might overwhelm their servers.
Allowing users to upload manually is what we’re working on.

1 Like

That would be an awesome feature! ProcXP (SysInternals) does it but they probably don’t have but a few 100k users. They send the MD5 hash which is light traffic and send unknown files for analysis.

I notice many users of GW are well up on Windows system investigation so must be tech related .Many take an interest in malware so maybe those members might be interested in a professional type malware indicator namely Pestudio from this is a malware assessment app for EXE files . Quote= Malicious exe files hide their malicious intents and evade detection in doing so anomalies show up . The exe is dragged and dropped on the app and shows up a multitude of conditions including direct Virus Total upload on MD5 the exe is never started so there is no risk it was exhibited at =black hat -2015 -Las Vegas . I must point out this is indication only and you need computer technical knowledge to interpret it.

1 Like

Thanks for sharing peStudio. Using it now.

1 Like

also there is VT Hash checker by Boredomsoft. it will ping VT to see if the hash is already there (95% of the time it is for me anyway) and if its not it will allow you to upload the file to VT. PeStudio is great for malware analysis but it can only ping for the results it cant yet upload a file for you. VT Hash checker does require you to sign up for a free API key on the VT website though. I have added both to my right-click menu and also add VT Hash check to my download manager (IDM) as the virus checking program and it works flawlessly. You get ~55 opinions almost immediately instead of just one AV.