Is that file safe?

So you’ve downloaded this great new piece of free software, but you’re not sure if it’s safe to install. Your antivirus software says it’s not infected, so you can assume it’s safe, right?

Not so fast. Nothing detects everything. Using multiple virus scanners dramatically decreases the chances of something getting through.

One piece of security advice I’m sure you’ve heard before is to scan with more than one antivirus program. The problem is deciding which programs to use, and getting multiple programs to install and coexist on one machine. I’ve seen a PC with both Symantec and McAfee antivirus programs on it, but it was slow, and I’m not confident it was really stable enough to rely on for day-to-day computing. The choice of vendors is a little curious too–rather than have two U.S. vendors, I’d rather have vendors from two different parts of the world.

The most practical way to follow the advice to scan everything with multiple antivirus programs is to use an online scanning tool like Virustotal.com before installing them. Just visit the page and upload your newly downloaded file for analysis.

The operators of Virustotal.com don’t guarantee results, and bad guys use this tool too, to see if their stuff gets detected. But if you upload a file to it and it indicates someone scanned it in the past and there are no registered complaints about the file, that’s a reasonable indication that the file is safe. You can view the results to see when the file was last analyzed, and then if you want, you can analyze the file again using today’s virus definitions–which is probably a good idea. If the file was last analyzed a month ago, you don’t have any way of knowing whether it was someone like you who analyzed it, or a bad guy who analyzed it as part of his development process. The former is more likely, of course.

So I recommend, when given the choice, to view the last results to see when the file was scanned last, and then hit your browser’s back button and click the button labeled Reanalyse to get today’s results.

The next time you install anything–an online coupon printer, a photo printer, a game, or something else–I strongly recommend scanning it before installing.

%d bloggers like this:
WordPress Appliance - Powered by TurnKey Linux