How to Check Whether Downloaded File is Safe


​Best Anti-malware

MalwareFox ​Premium


  • ​Removes Malware which Antivirus cannot
  • Protects from ​Ransomware Attacks
  • ​Lightweight​ and Fast ​Detection

It’s a terrifying feeling, downloading something that can destroy your computer. PC users have long been targeted with malicious software online, and the concern is real even to this day.

There’s more malware floating around the web than ever before!

What’s worse, it is getting harder to know exactly which websites to trust. Malicious code is now even making its way onto legitimate download sites, no matter how authentic they have been over the years. Fact of the matter is that it is no longer easy to be sure what you are downloading is dipped in malware.

Here’s what to do to make sure you don’t download a virus on your PC.

Safety is an Illusion

As tough as this is to admit, there’s no such thing as absolutely security. You can never be 100% sure that the website you are browsing, or what you downloading will not harm your device — even with all the latest and greatest in security tools.

No such thing as foolproof in the world of security, and this is something you can take to the bank!

Despite the best efforts of the security researchers and developers, the online world still remains a dangerous place. It’s increasingly dangerous to navigate, with hidden threats that steal your identity or hold your data for ransom.

ccleaner compromised

Take, for example, the very strange story of CCleaner.

This is a program that is downloaded by millions of people across the globe every week. Back in 2017, a legitimate signed version of the application was found to contain malware. It did not actively harm systems, but did collect information that could be used for nefarious purposes, farming details like the name of the computer, list of installed software and running processes, MAC addresses, and whether the infected machine was running with administrative privileges.

A few days after this news broke, a second payload was discovered, said to be a targeted attack against technology companies.

Point being, anything can be infected nowadays — even software that you think you are downloading from previously secure sources. The only way to truly stay on the safe side is to be actively vigilant against files and content that you download from the web.

What are you downloading?

It is not hard to pick up some clues along the way. For starters, if you are downloading something from a shady source, chances are that your package may come with a virus hidden in the download. Pirated content, in particular, runs a heavy risk.

The website you are downloading it from is another factor. If you are grabbing something from a very basic site, you are probably being duped into downloading malware.

malware website

Of course, there are always exceptions to the rule. Most software developers are not web designers. But it’s easy to spot a minimalistic site that centers on the content first and foremost, with tall claims and scattered banners that entice you to click the download button.

These are what you should stay away from.

Downloading files is not the only way you can end up with malware on your machine, though. Even loading a website sometimes can expose your computer to malicious code. This is called a drive-by attack, as it happens without you doing anything and simply loading the website.

infected website

That said, there are ways to block the virus at its primary stage. There are certain precautions you can take to insure against malware and reasonably ensure that the file you are downloading is safe.

Before you download

At the end of the day, it all comes down to your usage, browsing and download habits. There are certain, shall we say, best practices before clicking on download links. Listed below are the precautions and preventive measures you should take before clicking the download button.

Assess your downloads: Always be aware of what you download on your PC and where you download it from. It’s recommended to regularly check you downloads folder or browser history to find out if something sinister has crept in. Also, if your download source has a forum or user comments section, it is never a bad idea to scan that and read what others are saying.

Check the source: Always download your programs from a trusted source. If you are downloading an addon from Mozilla or an installer from Microsoft, it is logical that it will not likely be a virus. But if you are nabbing pirated content from shady sources, or a plugin from a random site, then be doubly careful.

Use your judgement: A very important consideration before initiating a download. Look at the size of a file. If it is too small or large for what it is, it may well be junk. Be extra wary of executable files, not just the ones with the .EXE extensions but also .BAT, .PIF, .SCR, and so on. Downloading and running these without proper scanning can potentially open up a can of worms on your computer.

Look for a signature: Popular software is usually signed off with a license. Windows usually throws up a security warning when you try to run downloaded programs from the web, particularly ones that it considers a threat to your computer security or privacy.

Be alert of attachments: Email and forum attachments, both, can be a source of headache. If you get files sent this way, only download and open content from people and places you trust.

Scan before and after: Although scanning is no absolute guarantee, and antivirus programs are not perfect and may not detect new malware, it still is necessary for when you are downloading things from strangers and sources that you are not sure of. Use an online solution to scan before you download, or put your trusty old installed program to use when you have downloaded your file.

browser warning

Long story short, you are the best defense against malicious files. There is no substitute for basic online security practices. These can often be the difference between a safe usage experience and one littered with phishing, adware, and ransomware threats.

That said, there may be times when you might be concerned that a file might be malicious. There are ways to perform more in-depth checks if you suspect a file is compromised.

We’ll take a look at them next.

Online Malware Scanners

Remember those days when almost every antivirus provider had an online component that let you scan your files in a browser? Of course, you do! It was many years ago when free online scanners like these were the norm, made available as addons that needed to be installed and enabled on in the browser.

Furthermore, they had to be manually removed from the browser. No surprises then, that these services are not very popular these days. Their number has dropped from over 60 to around 5.

Those services were useful for quick scans and getting second opinion, as they did not interfere with the antivirus you had installed on your system. But most of these online antivirus scanners did not have the ability to remove or clean any malware they found — they were mere detection tools.

Well, the landscape has changed now.

You can now use web based multiengine antivirus scanners, which are basically online services that allow anyone to upload files and have them scanned with a number of different antivirus programs, including the majority of the most popular ones like Avast, Bitdefender, Kaspersky, Malware, Panda, and Symantec.

All processing happens online, not on your computer.

Better yet, the detection results are displayed within seconds or minutes!

There are a handful of such services now available, with the most popular being VirusTotal. It scans the files you upload with over 70 scanners, confirming whether it contains any malware like virus, Trojans, worms, and more.

Other excellent options are MetaDefender, VirSCAN, Jotti, NoVirusThanks and NoDistribute.

Say Hello to VirusTotal

VirusTotal is one of the foremost multiengine online virus scanners around. It launched all the way back in 2004, but was acquired by Google in 2012. This means that it has access to the best infrastructure, when compared to its competitors, and the most antivirus engines.

This is a very feature rich service, and can not only scan your files, but also comes with URL scanning, additional information on the analyzed files, support for multiple languages, as well as voting and comments. If anything, the community aspects of VirusTotal are second to none.

In terms of its UI, VirusTotal is the cleanest of the bunch. It puts up a handy safe-o-meter that lets you gauge at a glance whether your chosen file is safe or not. And you can also click on the tabs to view detailed information about the product or company, version numbers, even original file name.

And not only can you scan files, VirusTotal can also check if a website is safe to visit — very much similar to a good browser or internet security suite that come with browser addon. You can scan and analyze URLs to double check whether you should proceed to visit, or avoid suspicious sites altogether.

It is also possible to scan using the unique file hashes like MD5, SHA1 and SHA256.

Using VirusTotal to scan your downloads

VirusTotal is simple enough to use. Either drag the file that you wish to scan into the selection box on the VirusTotal website, or click on the Choose File button and navigate to it. Once the upload is complete, the service will begin scanning the file using all the scanning engines it has at its disposal.

After the scans are completed, you are presented with a summary page that contains the results of all the individual scans.

virustotal website

You can use VirusTotal to not just scan program installers, executables and firmware files, but the service can be used to detect malware in any file — from Word documents and PDFs to images, sounds and videos. For common files, you will probably see a popup that notifies you that your file has already been analyzed recently. You can either view the analysis, or if the date was months ago, reanalyze it.

If your file gets a clean bill of health from these scans, there is a fair chance that it does not come packing malware. In case of a false positive, you can also perform a web search on the file name and often find people discussing whether it is a virus or not.

virustotal scan

That is all fine and dandy. But how to use the service to scan the files you want to download before you download them? Glad you asked, because not only are there multiple ways to send files to VirusTotal, there are also a couple different ways you can make sure what you are downloading is safe.

The service takes files from web, email, browser extensions, desktop programs and mobile apps, and even comes with a free public API. This means you can scan remote files just as easily as you can do so local ones.

Simply go to the URL tab, and enter a direct link to the file you want to download and scan. You can then download the file analysis that the service prepares for you.

And for those of you who regularly deal with downloads, you can also integrate VirusTotal into your browser. The service offers browser extensions that allow you to right-click a link on any webpage and start scanning without visiting the VirusTotal website and copying and pasting the link there.

You can find extensions for Google Chrome, Mozilla Firefox, and Internet Explorer.

Scanning your downloaded file with an antivirus

We now come to the after the download part, which is where you might have a file that you already downloaded and don’t want to send up to online multiengine scanners. Perhaps the file size is too large, your upload speed too slow, or you don’t want to hand over private contents for scanning.

In this scenario, your installed antivirus program should make itself useful.

Locate the file that you have downloaded, right-click it and you should see an option to scan it with the security software you have installed on your system. This will only scan your chosen file, instead of your complete drive, and provide you with a confirmation whether the file is safe to run or not.

Again, do keep in mind that absolute prevention is difficult, at best.

Even the best tools can be surpassed.

Case in point, the tale of CCleaner 5.33 above, a perfect example of how even multiengine antivirus tools like VirusTotal can struggle to keep up with the latest malware. That does not diminish their usefulness in any way — just goes to show the massive levels of threats we face.

Conclusion

If you regularly download stuff from the Internet, you most definitely need to be extra cautious on your end and use good sense when clicking on links. It also pays to take necessary precautions by installing capable security programs, and scanning your downloads before and after clicking on the button.

Ultimately, the more you download, the better you will be able to tell suspicious downloads apart from authentic ones. Let security software handle the rest.

Leave a Comment