Continuing my diary entries on Sysinternals tools with VirusTotal support, I'm taking a look at autoruns.
Autoruns is another fine Sysinternals tool that comes with VirusTotal integration. If you are not familiar with autoruns, it scans all auto-starting locations in Windows and provides a comprehensive report. This gives you an overview of all programs that start automatically on the scanned Windows machine.
When you start autoruns it will start scanning the Windows machine. Wait for the scan to terminate, or abort it with the Escape key.
Go to the scan options:
And enable "Check VirusTotal.com":
With this option, autoruns will only submit hashes to VirusTotal. If a file is not known by VirusTotal, you won't have a score. But if you enable "Submit Unknown Images" too, then autoruns will submit (upload) files that are not in VirusTotal's database, and you will have a score after VirusTotal finishes scanning the file (this takes a couple of minutes).
Hashes will be submitted:
And soon you'll have the VirusTotal scores for known entries:
Jul 19th 2015
3 years ago