X-Ways VirusTotal X...
Clear all

X-Ways VirusTotal X-Tension  


I wrote a quick X-Tension a while back and finally had some time to
clean it up.

This allows an examiner to check the status of a file via the
VirusTotal API directly through X-Ways and get the status in the
X-Ways messages window.

Note that this does **not** submit the file to VirusTotal, it only
checks to see if an existing report exists for a given file’s hash and
retrieves the results. All checks are performed via SSL.

Requires Microsoft's .Net Framework v3.5 and a valid public (or
private) API key from VirusTotal which can be obtained for free from

Download links, installation steps, and screenshots all available

Feedback, comments, complaints, and bugs appreciated.

Posted : 02/07/2014 12:09 am
Community Legend


Very nice. mrgreen

Posted : 02/07/2014 7:41 pm

Just tried on version 18.8 and it comes back with

[XT] Invalid API Key, please edit xtVirusTotal.ini or use X-Tension About
An exception of type 20301 occurred at offset 7FF83E32871C.

Is this is a known bug? I have a valid API key.

Posted : 14/07/2016 10:09 pm


I just tested this with 18.9 x64 and it works. Can you provide any other info?

[XT] Item Full Path \Inetpub\wwwroot\autorun.inf
[XT] File has been scanned before... getting results
[XT] Scan Date 7/5/2016 93205 PM
[XT] Scan ID 7611738317dabe43daeeb0b45698c0e37ecfd546d29761a63e57dd779984589b-1467754325
[XT] Scan URL http//www.virustotal.com/file-scan/report.html?id=7611738317dabe43daeeb0b45698c0e37ecfd546d29761a63e57dd779984589b-1467754325
[XT] Message Scan finished, information embedded
[XT] Bkav Detected Not Detected
[XT] MicroWorld-eScan Detected Worm.Autorun.VHG
[XT] nProtect Detected Worm.Autorun.VHG
[XT] CMC Detected Generic.Win32.2c29248d7b!CMCRadar
[XT] CAT-QuickHeal Detected Not Detected
[XT] McAfee Detected Not Detected
[XT] Malwarebytes Detected Not Detected
[XT] Zillya Detected Downloader.OpenConnection.JS.4493
[XT] AegisLab Detected W32.W.Kido.ix!c
[XT] K7AntiVirus Detected Trojan ( 0008d3ac1 )
[XT] Alibaba Detected Not Detected
[XT] K7GW Detected Trojan ( 0008d3ac1 )
[XT] TheHacker Detected W32/Conficker.autorunL
[XT] Baidu Detected Not Detected
[XT] F-Prot Detected JS/AutoRun
[XT] Symantec Detected W32.Downadup!autorun
[XT] ESET-NOD32 Detected a variant of Generik.MFNZBXQ
[XT] TrendMicro-HouseCall Detected TROJ_DOWNAD.INF
[XT] Avast Detected BVAutoRun-S [Wrm]
[XT] ClamAV Detected Win.Worm.Autorun-425
[XT] Kaspersky Detected Net-Worm.Win32.Kido.ir
[XT] BitDefender Detected Worm.Autorun.VHG
[XT] NANO-Antivirus Detected Not Detected
[XT] SUPERAntiSpyware Detected Not Detected
[XT] Ad-Aware Detected Worm.Autorun.VHG
[XT] Sophos Detected Mal/ConfInf-A
[XT] Comodo Detected NetWorm.Win32.Kido.~ir
[XT] F-Secure Detected WormW32/Downaduprun.A
[XT] DrWeb Detected Win32.HLLW.Autoruner.5601
[XT] VIPRE Detected Worm.Win32.Conficker.B!inf (v)
[XT] TrendMicro Detected TROJ_DOWNAD.INF
[XT] McAfee-GW-Edition Detected Not Detected
[XT] Emsisoft Detected Worm.Autorun.VHG (B)
[XT] Cyren Detected JS/AutoRun
[XT] Jiangmin Detected Worm/Kido.adz
[XT] Avira Detected WORM/Conficker.Gen
[XT] Antiy-AVL Detected Not Detected
[XT] Kingsoft Detected Not Detected
[XT] Microsoft Detected WormWin32/Conficker.B!inf
[XT] Arcabit Detected Worm.Autorun.VHG
[XT] ViRobot Detected Worm.Win32.S.Net-Kido.95034[h]
[XT] GData Detected Worm.Autorun.VHG
[XT] AhnLab-V3 Detected Win32/Conficker.worm
[XT] ALYac Detected Worm.Autorun.VHG
[XT] AVware Detected Worm.Win32.Conficker.B!inf (v)
[XT] VBA32 Detected Net-Worm.Win32.Kido.ix
[XT] Zoner Detected Not Detected
[XT] Tencent Detected Win32.Worm-net.Kido.Hrfl
[XT] Ikarus Detected Worm.Win32.Conficker
[XT] Fortinet Detected INF/Conficker.EM!worm
[XT] AVG Detected Worm/Generic_c.ZS
[XT] Panda Detected W32/Conficker.C.worm
[XT] Qihoo-360 Detected Malware.Radar01.Gen

Posted : 14/07/2016 11:10 pm
New Member

Hello Chad,

I am testing this on 20.0 x64 and I also get the error:

[XT] Invalid API Key, please edit xtVirusTotal.ini or use X-Tension About

but the API is newly generated and copy pasted.


Please advice.


Posted : 24/10/2020 6:57 pm