Hi, I've made a quick VirusTotal-checking utility for my own usage, as I could find no other tool that was matching all my requirements: - really fast and unobtrusive UI/UX - saves a few precious seconds each time, which add up to hours (really) if you are a frequent VT user - by design, will never upload any files, only hashes. (<- this one was especially important to me, for privacy/confidentiality reasons) - tiny and fully portable - global keyboard shortcut - very low memory usage - does not require a VT account - does not require admin rights - support for authenticated proxy environments - uses SHA256 fingerprints (not MD5) - a few other exciting features are in the pipeline - but the application should always stay lean and fast. http://i.imgur.com/RpubJuY.png http://i.imgur.com/sKEUQ8n.png Would people be interested by such a utility? If so, I will consider releasing it pretty soon. (It's currently in private testing) [EDIT] pre-release available - see below. Note that some of the above-mentioned features have not been implemented yet. Web page coming soon. This pre-release is a standalone file and can be downloaded from: http://trax.x10.mx/blitzVT-beta.exe Size: 813,568 bytes SHA256: 34d7ba4b64f49201a45d04694f0aa7bd6f95949308947628e960db440e725410 How to use it: this pre-release does not require installation or configuration of any kind. Just start the application, which stays resident in your system tray. To launch a request, just select an executable file in Windows Explorer or on your desktop and press Win+V.
Here's another screenshot of a scan lookup dialog. The GUI is still under development, so feel free to provide comments or requests. http://i.imgur.com/sKEUQ8n.png
In the uncommon case that a file was never submitted to VT, the hash will be simply reported as unknown. This is all I need to know. It's a design choice: in such a scenario I prefer to manually decide what to do, depending on the context. In some situations you don't want the bad guys to KNOW that their malware has been noticed and is being investigated - which they will the moment you upload the actual file to VT.
I'm familliar with MultiHasher, which is quite nice, but requires a few too many clicks to my liking. Also it does not support proxy settings, keyboard shortcuts, and you can't look up a whole folder of executables at once. Thanks! I'll update this thread when a beta becomes available. The current build, while stable and fast already, is still a bit rough on the UI side and missing a few features. -
OK, I've decided to go ahead and post the beta already, so people can give it a try. So far, only the core features are included. How to use it: the beta does not require installation or configuration of any kind. Just start the application, which stays resident in your system tray. To launch a request, just select an executable file in Windows Explorer or on your desktop and press Win+V. Yes, the UI still needs quite a bit of work but for now, I'm focusing on performance and reliability. More features coming soon. Oh, BTW, the ironic thing is that the beta itself triggers a false positive (Antiy-AVL)! Ah, those obscure AVs... This beta is a 795KB standalone file and can be downloaded from: http://trax.x10.mx/blitzVT-beta.exe SHA256: 34d7ba4b64f49201a45d04694f0aa7bd6f95949308947628e960db440e725410 [EDIT] Updated the beta (current version is 0.81). Thanks for providing feedback. I'd especially like to hear about stability or performance issues, if you encounter any.
As promised, here's a list of known issues with the current build: - accepts only files with a .EXE extension - unable to scan files in some redirected folders on x64 systems - on some systems, hashing of large files fails - garbled sound effect on Win 8 systems A new build addressing these issues will be out soon. Also feel free to report any other issues. Note, the download link in the top post seems to be down. This one should still be OK: http://trax.x10.mx/dl.php?appname=blitzVT_BETA.exe
And here's a sneak preview of the upcoming multi-scan feature... In the meantime the app also got approved by VirusTotal for special "shared key" privileges. Feel free to let me know if there are any questions.
Thanks A new beta build is now ready: http://trax.x10.mx/dl.php?appname=blitzVT_beta.exe MD5: 3bd9f5dd9d1c17b2ca9f7cba33e72521 SHA256: 346abfbd728efa26cbe89d79bd4cd4f5c6e289a56c050290af32b36bcae83238
A new release is available (no installation needed): http://trax.x10.mx/dl.php?appname=blitzvt.exe Note that these beta releases expire after a while. Be sure to check this thread for new releases from time to time. Size: 804 KB SHA256: f1700aba0f330dc4521f158a4fbcc8b99fda26bac741efd6dd8ddb4aa0c09bd0 changes: - support for x64 filepaths - usage statistics - stability enhancements coming up next: - fast multiple-file lookups - realtime plugin for ExeWatch (this will probably cost a few bucks) Feel free to suggest other features or report issues.
Suggestions: Ability to scan any type of file, not just certain file types. Add option to enable/disable context menu scan.
Thanks for the suggestions. First item now implemented in the latest version (see post below). Second item on the to-do list.
A new release is available (no installation needed): http://trax.x10.mx/dl.php?appname=blitzvt.exe New: all file types now supported Win+G global hotkey to scan 10 latest downloaded files (this assumes that your downloads are in C:\Users\username\Downloads - there will be an option to customize this location in a later release) Feel free to test! Thanks for your feedback. I do have plans to improve the UI / UX. Note that these beta releases expire after a while. Be sure to check this thread for new releases from time to time. Size: 788 KB SHA256: 029ca71ebb265700d13a7cf5a2462f104adc5cefb38ece0ffd03b30a1d04d0d6