VirusTotal File Scanner

Check any suspicious file against 70+ antivirus engines at once, without uploading it anywhere.

What it does

VirusTotal is a free online service (owned by Google) that runs files through dozens of antivirus engines simultaneously. Rather than trusting just your own antivirus, you get a second, third, and seventieth opinion. TuneBit's VirusTotal tool lets you check a file right from your desktop and shows the results inline.

Why it's private

TuneBit does not upload your file. It computes a SHA-256 hash — a long mathematical fingerprint — and sends only that hash to VirusTotal. If someone has seen and scanned the same file before (which is true for almost any widely distributed file), VirusTotal already has a report. If the file has never been seen before, you'll see a "not found" result and can decide whether to upload it manually via virustotal.com.

When to use it

You downloaded an installer from a site you don't fully trust.
An attachment arrived in email and it seems a little off.
Your antivirus says a file is clean but you've got a hunch.
You're diagnosing another PC and want to sanity-check a suspicious executable.

Before your first scan: add your VirusTotal API key

TuneBit does not ship with a VirusTotal API key — you need your own, which VirusTotal hands out for free to anyone with an account. One-time setup:

Sign up at virustotal.com (free tier is fine for ordinary use).
In VirusTotal, click your avatar → API Key and copy the long string.
In TuneBit, go to Protect → VirusTotal and expand the Your VirusTotal API Key panel near the top.
Paste the key into the text field and click Apply. The status line should flip from red to green.

Where your key is stored:

Fixed-drive install (TuneBit running from your hard drive): the key is saved per-user in the Windows registry at HKCU\Software\TuneBit\VirusTotal\ApiKey. It survives upgrades but does not roam to other PCs.
Portable / USB install: the key is saved in a plain-text file named virustotal.ini in the same folder as TuneBit.exe. The key travels with the stick — useful if you move between machines.

Your key is sent only to VirusTotal's own servers (in the x-apikey HTTP header) and is never transmitted to TuneBit's servers. You can hand-edit either storage location to rotate the key, or delete it to clear the key entirely.

How to scan a file

Go to Protect → VirusTotal.
Drag-and-drop a file onto the big drop zone, or click Browse to pick one.
TuneBit shows you the file's SHA-256 fingerprint and size.
Click Scan. Within a second or two you'll see a result ratio — for example, 0 / 72 (clean) or 43 / 72 (very bad).
Click the View on VirusTotal link to see exactly which engines flagged it and what they called it.

Reading the results

0 detections: The file has been seen before and nobody thinks it's malware. Very likely safe.
1–2 detections: Often a false positive, especially for niche or small-developer tools. Click through and see which engines flagged it. If they're big names (Kaspersky, BitDefender, Microsoft), treat it with suspicion.
3+ detections: Treat it as malicious. Delete it or move it to quarantine.
Not found: Nobody has scanned this particular file before. That's not automatically bad, but it is more common in malware targeting small numbers of people.

Rate limit: VirusTotal's free tier caps requests per minute and per day. TuneBit automatically waits 15 seconds between scans to stay within the per-minute limit. If you hit the per-day limit, you'll see a "rate limit exceeded" message — wait until the next day, or upgrade your VirusTotal plan if you scan a lot of files.

A clean result is not a guarantee. Brand-new malware can circulate for hours or days before antivirus vendors catch up. A 0/72 score means "no one has caught this yet" — which is the most likely explanation, but not the only one. Use VirusTotal as one data point alongside common sense: don't run executables from strangers.