VT Hash Check – VirusTotal’s best friend

Today I write a little review about VT Hash Check which I think can be a useful little utility for Windows users, it’s always good to get a second opinion, especially in the www and with more and more upcoming malware these days. I think it can be useful if you often work with unknown files from ‘underground’ places or simply if you want to check and veryify the file you just downloaded.

VTHashCheck
Scan result overview. False Positive in this case.

About the VT Hash Check

VT Hash Check is coded by Boredom Software, the program is open source and not even 2 MB big which means it doesn’t waste much HDD/SSD space and of courdse it doesn’t waste background processing power because the program runs only if you really need it – during the scan and to show the options/results. The developer is very communicative and he created an open bugtracker, there you can report any wishes and bugs and hetries to fix it as soon as possible.

Installation and Setup

The installation is very easy, download the program and install it, done. The only thing you need to insert is your VirusTotal API key, which you can get for free on VirusTotal, it requires that you register an free account.

 

VTHash
The program doesn’t have a seperate GUI, you work with the right-click to scan unknown files.

 

You can add your own comments which are published online to the files to help others to identify the program/exe/file.

goodware

Command line parameters

VT Hash Check allows you to work with the command line, which means you can automate the scanning process if you want, the following options are avaible:

  • –prefs Opens the settings window instead of checking a file
  • –trid Runs a TrID analysis of the input file(s) instead of a hash check
  • –debug Writes debugging info to the system log. Use a tool like DbgView to view the debug messages.
  • –insecure Disables SSL certificate validation without disabling SSL/TLS (not recommended)
  • –update Shows the updater window instead of checking a file
  • –about Shows the about window instead of checking a file

VTHash_hashfunction

The little hash symbol on the right side opens a dialog which starts to calculate the checksums, a right-click on it allows you to copy the hash into your clipboard or to compare the hash against the one which is already stored in your clipboard.

Program Options

Clicking on the C:\Program Files (x86)\Boredom Software\VT Hash Check\VTHash.exe brings the options dialog into the front, which allows you to input your VirusTotal API key, configure a proxy connection and more.

Options

e

The program is very well documented and you even can setup a custom search parameters to search for the file e.g. on Google or DuckDuckGo.

Final Words

The program is a fantastic little program to quickly checking unknwon files and it does exactly what it promises, it’s free and it bloody works like I would expect it from such a tool. It doesn’t contain any spyware or ads and the best thing it’s fast, the scanning process is really really fast even on bigger files like my tested IObit Installer. Please keep in mind that VirusTotal has a file size limit and that the scanning results are depending on how many people submitting samples to the same time.

I totally recommed the program, go check it out and report back how you liked it.

Advertisements

4 thoughts on “VT Hash Check – VirusTotal’s best friend

  1. Do you think I can ditch MalwareBytes for this? (I’m not using it’s active protection anyway, only scanning once a week)

    Like

    1. Sure, you can combine e.g. ProcessHacker with VT Hash Check, so ProcessHacker can check your running processes against VirusTotal and the rest can be manually checked with VT Hash Check,

      Benefit for you more system resources and well, you know I don’t like AV’s I think their times are over. I write maybe this week something about Sandboxie, maybe that’s something for you.

      Like

      1. What do you mean by “ProcessHacker can check your running processes against VirusTotal and the rest can be manually checked with VT Hash Check”?

        Oh I forgot I already got ProcessHacker. Don’t you think process hacker does what VT Hash Checker does? To make sense of it, I don’t feel like I need both of them on my computer. They both do the same thing, checking hashes against VirusTotal after all.

        Like

        1. It means what it says, ProcessHacker can check the running processes, while you can manually check other .exe/.dll files with VT Hash Check. Problem is that you might want to quickly check some e.g. downloaded files and then VT comes would be more comfortable. 🙂

          Like

Comments are closed.

Blog at WordPress.com.

Up ↑

%d bloggers like this: