Did you ever get an email with an attachment and wonder if your getting ready to open a file infected with a virus? You already know you should never open an attachment from someone you don’t already know, right?
If you suspect a file is infected or just want to make sure it’s safe, there is a quick and easy way to check if it’s infected or safe. Instead of opening the file, save it to a folder on your hard drive and remember that location.
Now open your favorite browser (IE, firefox, etc) and type in the URL http://www.virustotal.com. VirusTotal is a great site that will allow you to check the file against 40+ different Anti-Virus (AV) programs for free! All you need to do is upload the file by pressing the “Browse” button and navigate to where you saved the attachment. When you have selected it, press the “Send File” button to upload it.
Once the file is uploaded, it will begin scanning. When it’s completed, typically in less than a minute,look to see if any of the AV programs found the file as a virus. Here's a sample report.
My rule of thumb is that if even one AV program tags it as a virus, DO NOT OPEN IT! As you can see in the example I used, there was no virus detected. This would give me enough assurance that the file was clean that I would open it.
Just to be completely clear, even if you scan the file and no viruses are detected, there is no positive guarantee the file is clean. It just means that it does not contain a virus previously seen by the site's AV vendors. But if over 40 vendors have not seen it, it will be safer than if you just opened it without checking.
Thanks for reading!
Jeff Gibson is a Vulnerability and Forensics analyst at Westfield Insurance. Sharing Knowledge. Building Trust
Comments