Thursday, September 1, 2011

Virus Check Any File

Today a customer told me that she actually reads this blog and that she would like to see something about virus-checking any given file. Thank you, Rose K., for reading this blog and for the suggestion.

I can think of many scenarios where you have a file, any kind of file, that you feel you had better check for viruses before you "work" with it. And you may want something like a "majority vote", because just the other day you read that scary newspaper article saying that one antivirus program may not be enough to know "the truth".

As with increasingly many things around computers, the Internet can help, with a service that allows you to upload any file up to a size of 20MB. The service then submits your file to currently 40 (forty!) different antivirus programs and gives you the results.

This free service is called VirusTotal. Here is a partial screenshot of an example output:

When you click on the Show All button the list gets much, much longer.

In the Result column on the far right you see what every antivirus program says about the file. No entry here means that the AV program does not flag the file as containing a virus.

Yes, the above-mentioned newspaper article is technically correct: one vote is not enough to really matter. But when only 5 of 40 results mark the file as virus-infected, you can assume with some degree of reliability that these five positive results may be so-called "false positives".

A word of warning: I can imagine a case where only a few AV programs mark a file as infected while the majority do not, and the file actually contains a brand-new virus that the majority of AV programs cannot yet detect! Depending on the circumstances, you may want to err on the side of being super careful rather than too trusting.

Once again, this is a good example that computer safety benefits from an open mind, common sense, a good measure of caution and careful consideration of all aspects of the given situation.

The only problem with common sense seems to be that it ain't that common...

