Blog

If This File Safe

How To Check A Suspected File or URL

Most AV programs run continually in the background and will alert you if you have malicious file or you have visited a malicious URL. In addition, if you have a file on your system you can click on the file and have your antimalware / anti-virus program scan the file.

However, most AV programs work with only two methods of detection.

  1. On-Access Scans: The AV program will scan any new program or file and compare them to known viruses they have in their database. This is often called On-Access Scanning. Your AV program must be running for this to work.
  2. Heuristics: This is a process that is not necessarily optimal or guaranteed but it is a process that a AV computer might use to quickly judge if the program looks suspicious, does suspicious things or doesn’t do what is expected. So if the AV program does not expect a certain file to have access to your system files it may flag it infected. One major benefit of a heuristic scan is that a previously unknown virus might be discovered.

Also, some AV programs do not scan compressed files. You may download a file called xyz.zip. The zip file might actually have 30,50 or over 100 different files compressed within the .zip file. If you AV program does not scan compressed files there is a fair chance that that a malicious file can be downloaded to your computer once you unzip the file.

In most cases your AV program is enough to prevent a malicious file from running on your computer or warn your before opening a malicious website but what if it is not enough. Some AV programs will detect files that other won’t. Knowing that you are running your favorite antimalware program should put most people at ease but what if even after a file has been scanned by your AV program you feel the file is still acting suspicious? What are your options?

Free Insurance

One way to insure you are not blindsided by a rouge file that is able to bypass your AV’s security is to run it through over 60 AV programs. In most cases a file or URL given a clean bill of health after it has been scanned by more than 60 different Anti-Virus and Antimalware programs is a safe. All you need to achieve this is internet access.

VirusTotal

VirusTotal.com is that place. It is a free service that allow you to drag and drop  any file on your system and have scanned by over 60 different programs. You may also enter any URL into Virus Total

Leave a Reply