VT Hash Check - auto-scan downloads

Discussion in 'other anti-virus software' started by luciddream, Oct 2, 2012.

Thread Status:
Not open for further replies.
  1. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    This is a better option than HMP. 40 different opinions, and the box pops up quickly.

    For those that didn't read the other thread: For Firefox users, get the add-on "Download Statusbar", and in the AV tab add the executable for VT Hash Check. If you're certain you already have a clean box, put your real-time AV away and enjoy a massive malware database with no footprint for any future incoming files.

    VT Uploader is a good option too, but Hash Check is about twice as fast.
     
  2. Yes, good option; for Chrome there is an official VirusTotal add-on.
     
  3. KelvinW4

    KelvinW4 Registered Member

    Joined:
    Oct 11, 2011
    Posts:
    1,199
    Location:
    Los Angeles, California
    My hash check crashes every time after I do a scan, so I removed it.
     
  4. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    No such problems here. Works great. I set up a nice tight set of rules for it in my FW and allowed it start/run & internet access in Sandboxie restrictions.
     
  5. KelvinW4

    KelvinW4 Registered Member

    Joined:
    Oct 11, 2011
    Posts:
    1,199
    Location:
    Los Angeles, California
    Yeah, that's great, but I guess I'll have to stick to the slower one :(
     
  6. RejZoR

    RejZoR Lurker

    Joined:
    May 31, 2004
    Posts:
    6,426
  7. guest

    guest Guest

    You can do the same using this program https://www.virustotal.com/documentation/desktop-applications/

    Or "manually" (right click: scan) using VTzilla (Firefox addon) or VTChromizer (Chrome addon)
    https://www.virustotal.com/documentation/browser-extensions/mozilla-firefox/
    https://www.virustotal.com/documentation/browser-extensions/google-chrome/
    ...............

    Does anybody know an alternative to "Download Statusbar" for Chrome? Also, is there another addon for Firefox able to do the same?
     
    Last edited by a moderator: Oct 4, 2012
  8. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    I use VTZilla too in FF, for link scanning. You can right-click & scan links before opening the page. It also allows you to scan downloads before actually downloading them, but that's kind of pointless running sandboxed with Hash Check set up to autoscan. If Hash Check found it to be malicious I'd simply close my browser and "poof"...

    Useful addon, even with VT Hash Check already in place, especially if you don't use sandboxing.

    Strange that you cannot download it from that site RejZoR... it works fine for me. Perhaps Avast doesn't WANT you to have it? lol. All things instinctively fight for their survival.
     
  9. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    It could be that your resident AV software is conflicting with it. Since I have none, I don't have that problem.
     
  10. KelvinW4

    KelvinW4 Registered Member

    Joined:
    Oct 11, 2011
    Posts:
    1,199
    Location:
    Los Angeles, California
    Yeah but I had a clean system :( too bad I guess
     
  11. popcorn

    popcorn Registered Member

    Joined:
    Apr 3, 2012
    Posts:
    239
  12. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    It should be pointed out that VTzilla is a good alternative to those that can't get Hash Check working, for whatever reason. When you go to download a file in Firefox and that box pops up with the options "Save File", and "Cancel", the addon adds another option to the left in that box "Scan with Virustotal". Click that and it actually scans the file for you before you download it. The results pop up in a new tab. Then afterward you can choose whether to go through with the download and save it, or cancel.

    And you can also right-click & scan links with it, like I said, again before opening them.

    Very nice addon.
     
  13. RejZoR

    RejZoR Lurker

    Joined:
    May 31, 2004
    Posts:
    6,426
    It would be better if the whole process was automatic so you don't have to manually select "Scan" and repeat the download procedure. And if the hash is not found, it should submit the sample for actual scanning.

    In theory, this would work in a similar manner as Comodo...
     
  14. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    ^ That's why the VT Hash Check method is definitely the better option, it is automatic. But for whatever reason some people can't get it working, so figured I'd mention VTzilla as another option for them. It's more advantageous for people that don't use a sandbox, to be able to scan a file before you actually download it. If you use sandboxing then the Hash Check method is undoubtedly better.
     
  15. andylau

    andylau Registered Member

    Joined:
    Jan 27, 2006
    Posts:
    698
  16. popcorn

    popcorn Registered Member

    Joined:
    Apr 3, 2012
    Posts:
    239
  17. Boredomsoft

    Boredomsoft Registered Member

    Joined:
    Jul 21, 2012
    Posts:
    13
    Location:
    San Francisco
    Sorry about that, it's fixed now and also the Bleeping Computer link :D

    Wow, even I didn't know about that trick!
     
  18. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    HA!... that's awesome. Though I can't take full credit. Another Wilders member (Dgiji) brought Download Statusbar to my attention and mentioned using Hitman Pro with it. So I figured, let's see what else will work with it. And VT Hash Check seemed the best option to me. 40+ opinions, and very quick.

    With an already clean box, all you have to worry about then is infection via any removable drive. So I sandbox them, will scan any media on them with several scanners (including VTHC) before adding anything from them to my box, and disable Autorun & Shell Hardware Detection. That pretty much takes care of the other vectors and eliminates the need for a resource hungry real-time AV chewing on my HD.

    If you really are the dev. first of all... fantastic product. And secondly, you may wanna think about adding this tweak to your site.
     
  19. Boredomsoft

    Boredomsoft Registered Member

    Joined:
    Jul 21, 2012
    Posts:
    13
    Location:
    San Francisco
    Thanks!

    Just released version 1.2, and took the opportunity to add your suggestion to the main description.

    1.2 adds VT community comments, rescan requests, and a self-updater. 1.2 also has a lot of internal rewiring so please do report crashes and buggy behavior.
     
  20. kupo

    kupo Registered Member

    Joined:
    Jan 25, 2011
    Posts:
    1,121
    Tried the latest version and when you are checking for a hash, when VT Hash Check is blocked by a firewall or I guess if no network connection is present, it will crash.
    I also have a few suggestions
    1. Maybe you could add a .zip version to your site?
    2. Icon for the right click menu.
    3. Enable the use of SSL by default?
    Thanks for this wonderful software. :D
     
  21. Boredomsoft

    Boredomsoft Registered Member

    Joined:
    Jul 21, 2012
    Posts:
    13
    Location:
    San Francisco
    Were you the one who submitted a crash report on my site? Sorry if the contact form is messing up, don't know what's wrong with it yet, but I do get the messages even if the form shows an error.

    Also, I expect to fix that in the next version.
    Thank you! :D

    I probably will be changing the new updater so that it downloads the setup.exe file alone, while still posting 7z archives on the download page. I really like 7-Zip :)

    An icon is also coming, but for Vista and newer only. XP has so far been unwilling to cooperate with me on this.

    As for SSL, VirusTotal seems to be forcing SSL now. I don't know when they started doing this, and I'm not complaining, but basically there no longer is any option not to use SSL. So, you get your wish but don't thank me :)
     
  22. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    Neat lookin update... comments can be handy. I use WOT, and though I hardly consider people's comments an end-all/be-all, it's another opinion to use. And auto-updating. I haven't DL'd/installed the new version yet. Can you disable these options if you choose to?

    Marked improvements are always of course welcome, but I'd like to see this product remain trim & light. Well, I like every piece of software I use to be, actually. I love that this sucker pops up almost immediately, and I can close it just as fast. A virtually non-existent footprint here one second and gone the next.

    It's awesome to see you've added this tweak to the main page too.

    Also, I concur with adding a .zip version. 7-zip is great, but lots of people (especially in places like this) don't want to add any 3rd party software if there's an integrated solution already. Heck, I'm one of them ; ) I think most would prefer a .zip over .exe option.
     
    Last edited: Oct 29, 2012
  23. guest

    guest Guest

    Regarding the trick, could you write an addon to do the same in chrome? :D

    BTW I installed your app and I get this error every time I upload a file. I tried to report it, but I also got an error in the form... so here it is.
    In IE, in the connection settings -> LAN settings -> I'm under an automatic configuration script

     
    Last edited by a moderator: Oct 29, 2012
  24. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    Bump - as I want as many people as possible to learn about this awesome approach.

    With all the vendors at your disposal, it dwarfs the database any single real-time AV could provide you. It doesn't use resources real time. And since it's not sig based and doesn't have to wait to update defs, much better protection against 0 day threats. Add EMET for even further protection against 0 days... on post XP OS's I found its footprint to also be very light. Unfortunately the same can't be said for XP. I don't use EMET personally for this reason.

    But if you're a Firefox user using anything since Vista, here's 2 really good/light ways to protect against 0 days. Much better than any real-time AV could provide you.

    And utilize Sandboxing for any removable drives to cover those vectors that would otherwise be lacking vs. a real-time AV.

    Once you go this route, you'll never go back to using a real-time AV again.
     
  25. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    Also, here's a secure set of FW rules for VT Hash Check - used with Comodo Firewall. I trust the program wholeheartedly, but I'm just anal about allowing only what's necessary. So here goes:

    Rule 1 - HTTPS**

    Allow TCP Out, Source Add. - Network Zone (LAN), Dest. Add. - IPv4 Single Add. (74.125.34.46), Source Port - A Port Range (1030-4999), Dest. Port - A Single Port (**443)

    Rule 2 - DNS 1

    Allow UDP Out, Source Add. - Network Zone (LAN), Dest. Add. - IPv4 Single Add. (*8.26.56.26), Source Port - A Port Range (49152-65535), Dest. Port - A Single Port (53)

    Rule 3 - DNS 2

    Allow UDP Out, Source Add. - Network Zone (LAN), Dest. Add. - IPv4 Single Add. (*8.20.247.20), Source Port - A Port Range (49152-65535), Dest. Port - A Single Port (53)

    Rule 4 - Block Rule

    Block IP In/Out, Any, Any, Any


    * = Comodo Secure DNS servers. Use your own.
    ** = This is assuming you're using SSL (in VT Hash Check settings)
     
    Last edited: Dec 11, 2012
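
The four firewall rules from post 25, modelled as an added example that is not part of the thread or of Comodo's software: it evaluates constructed connections against the rule list to show which ones reach the final block rule. It assumes rules are checked top-down with the first match winning and that the "Network Zone (LAN)" is 192.168.1.0/24; the sample hosts and the non-listed destination addresses are constructed.

```python
import ipaddress
from dataclasses import dataclass

# Assumption: the "Network Zone (LAN)" in the post is 192.168.1.0/24 (constructed).
LAN = ipaddress.ip_network("192.168.1.0/24")

@dataclass(frozen=True)
class Rule:
    name: str
    action: str        # "allow" or "block"
    proto: str         # "tcp", "udp" or "ip" (any protocol)
    src_net: object    # ip_network, or None for Any
    dst_ip: object     # single address as str, or None for Any
    src_ports: object  # (low, high) inclusive, or None for Any
    dst_port: object   # single port, or None for Any

# Addresses and ports exactly as given in post 25.
RULES = [
    Rule("HTTPS", "allow", "tcp", LAN, "74.125.34.46", (1030, 4999), 443),
    Rule("DNS 1", "allow", "udp", LAN, "8.26.56.26", (49152, 65535), 53),
    Rule("DNS 2", "allow", "udp", LAN, "8.20.247.20", (49152, 65535), 53),
    Rule("Block Rule", "block", "ip", None, None, None, None),
]

def evaluate(proto, src_ip, src_port, dst_ip, dst_port, rules=RULES):
    """Return (action, rule name) of the first rule matching an outbound packet."""
    for r in rules:
        if r.proto not in ("ip", proto):
            continue
        if r.src_net is not None and ipaddress.ip_address(src_ip) not in r.src_net:
            continue
        if r.dst_ip is not None and dst_ip != r.dst_ip:
            continue
        if r.src_ports is not None and not (r.src_ports[0] <= src_port <= r.src_ports[1]):
            continue
        if r.dst_port is not None and dst_port != r.dst_port:
            continue
        return r.action, r.name
    return "block", "implicit default"

# Constructed sample connections from one LAN host.
SAMPLES = {
    "lookup to the pinned address": ("tcp", "192.168.1.20", 2048, "74.125.34.46", 443),
    "same service, different address": ("tcp", "192.168.1.20", 2048, "203.0.113.10", 443),
    "pinned address, source port 50000": ("tcp", "192.168.1.20", 50000, "74.125.34.46", 443),
    "plain HTTP to the pinned address": ("tcp", "192.168.1.20", 2048, "74.125.34.46", 80),
    "DNS to a resolver not listed": ("udp", "192.168.1.20", 50000, "192.0.2.53", 53),
}

if __name__ == "__main__":
    for label, conn in SAMPLES.items():
        print(f"{label:36} -> {evaluate(*conn)}")
```

Only the first sample is allowed; a lookup that resolves to any other address, or leaves from a source port outside 1030-4999, falls through to the block rule, which is the blocked-by-firewall condition post 20 reports as crashing the program.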