To stay secure on the web, safe browsing practices are a must. That is especially true when you download software. How do you know if the file you download has a virus? This guide can help.
What is the worst that can happen?
Well to put it simply, a lot. Malware often will sneak onto a system through a legitimate download, and then infect your system. Think of it like the Trojan Horse of Greek mythology. In fact, that is where the classification of malware Trojan gets its name, by masquerading as a legitimate file, then infecting your system.
Trojans are not the only malware that can sneak in. One of the scariest is Ransomware, where attackers lock you out of your system and demand payment.
How can I tell If I downloaded malware?
There are three methods that you can use to determine if you have downloaded malware. You can perform one method, or you can perform all three whenever you decide to download a file.
Method 1: Direct Scan
Some antivirus products come with the ability to scan a file directly. A way to tell if yours has this ability is to right-click a file and tell it to scan with (Name of AV software). After downloading a file, you can do this with the file and ask it to scan, and the AV product will scan it and determine if it is a malicious file. This method is not malware-proof, however. Stealthy malware may go unnoticed, so it might be safest to employ an additional method.
Method 2: VirusTotal
You can use free software called VirusTotal to check for malware on links – before you even click them- as well as files you have already downloaded.
- Go to: www.virustotal.com
- Select whether you want to check a link or file you have downloaded
- FILE: Choose the file on your computer that you want to check and click Confirm the Upload.
- URL: On the site where the download link is located, right-click on the download link or the download button and copy the URL address. Then go to the VirusTotal site, click the URL option, and paste the URL into the text box and hit Enter.
VirusTotal uses 70 different antivirus engines to check the file or URL. You can see who flagged it as potential malware, details of the file, and what the community thinks of the file or URL.
You will be able to tell one way or another if the file or link is malicious. It will be marked “Clean,” or you will see any engines that have determined it to be malicious.
Method 3: Check the Hash
Have you ever noticed numbers and characters with either an MD5 or SHA1 next to or above a download link? That is the hash of a file.
There is a computing algorithm that runs to create the long string of characters based on the file’s content. If there are changes to the file from its original form, it will drastically change what the hash is.
Essentially this method validates that file you are downloading is a legitimate file that was posted on the website.
To use this method:
- Download the file
- Go to onlinemd5.com and upload the file to run a hashing algorithm on it
- Select the appropriate algorithm for the hash on your file: MD5, SHA1, or SHA-256
An interesting side note, if you scroll down on that site there is a generator for text, you can see how adding one or two characters can drastically change the hash value of a file. Same thing if you switch two different characters in a file.
What do I do if a file fails or is marked malicious?
We would highly recommend deleting the file(s) that came back marked as malicious – no matter which method(s) you used. Then, run a full antivirus scan on your system to be sure that no malware was downloaded onto it.
Call Us for Peace of Mind
If you have any questions, want some additional help checking the safety of a downloaded file, or need some assistance making sure that you don’t have any malware on your system we will be happy to help!
Give us a call at (844) 448-7767, or reach out to us on our Contact Page