How do I know if the download is safe or not?

Discussion in 'privacy problems' started by DesuMaiden, Jan 15, 2014.

Thread Status:
Not open for further replies.
  1. DesuMaiden

    DesuMaiden Registered Member

    Joined:
    Jan 25, 2013
    Posts:
    534
    How can I tell if a file that I'm downloading contains viruses, trojans and whatnot?
     
  2. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
  3. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,125
    Location:
    Pennsylvania.
    Virustotal.com is good as well
     
  4. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    Unfortunately, scanners aren't always reliable. Most recently, as noted by Krebs' article on the Target exploit:


    ----
    rich
     
  5. mattdocs12345

    mattdocs12345 Registered Member

    Joined:
    Mar 23, 2013
    Posts:
    1,785
    Location:
    US
    Use a good website blocker to prevent you from downloading an infected file. Try K9 Web Protection, which is parental control software that can be configured to block malware and adware hosting sites. Another good website blocker is part of Forti antivirus.
     
    Last edited: Jan 16, 2014
  6. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    Unfortunately, there is no way to be completely certain. You can reduce the risks but you can't completely eliminate them. Even "trustworthy" sources can be compromised. Files can be altered or replaced in transit, especially if your potential adversary is government or a 3 letter agency. Verify file integrity or signature if one is available. Scan the file with available tools, including VirusTotal. If the file is new, wait a few days. Malware that evades detection when released is often identified a few days later. Too bad if you're an early adopter. Open or install the file on a virtual system. If that system has a classic HIPS, so much the better. A classic HIPS better enables you to watch its activities. Monitor the install process with a utility like Inctrl5. This gives a record of all registry and file system changes made by the install. Do the same when the app is run for the first time. Make a full system backup before installing to a real system. Monitor the real install. Compare the record to the virtual install record. Even this won't protect from BIOS or firmware altering malware. A tightly configured classic HIPS might alert you to questionable activities, but even that isn't guaranteed.
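
The "compare the record to the virtual install record" step from the post above, as an added example that is not part of the thread and not code from Inctrl5. It covers file system changes only (no registry), and the function names and the stand-in installer are constructed for illustration:

```python
import hashlib
import os
import tempfile

def snapshot(root):
    """Map every file under root (relative path) to its SHA-256 digest."""
    snap = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            with open(full, "rb") as fh:
                snap[rel] = hashlib.sha256(fh.read()).hexdigest()
    return snap

def change_record(before, after):
    """Files added, removed or modified between two snapshots."""
    common = before.keys() & after.keys()
    return {
        "added": after.keys() - before.keys(),
        "removed": before.keys() - after.keys(),
        "modified": {p for p in common if before[p] != after[p]},
    }

def unexpected(vm_record, real_record):
    """Changes in the real install's record that the VM install never made."""
    return {kind: set(real_record[kind] - vm_record[kind]) for kind in real_record}

def fake_install(root, extra):
    """Constructed stand-in for an installer; 'extra' drops one more file."""
    os.makedirs(os.path.join(root, "app"))
    with open(os.path.join(root, "app", "tool.exe"), "wb") as fh:
        fh.write(b"constructed sample bytes")
    with open(os.path.join(root, "settings.ini"), "w") as fh:
        fh.write("installed=1\n")
    if extra:
        with open(os.path.join(root, "helper.dll"), "wb") as fh:
            fh.write(b"constructed extra file")

def demo():
    records = []
    for extra in (False, True):  # first run = VM, second = real system
        with tempfile.TemporaryDirectory() as root:
            with open(os.path.join(root, "settings.ini"), "w") as fh:
                fh.write("installed=0\n")
            before = snapshot(root)
            fake_install(root, extra)
            records.append(change_record(before, snapshot(root)))
    return records[0], unexpected(records[0], records[1])

if __name__ == "__main__":
    print(demo())
```

Anything left in the `unexpected` result is a change the real install made that the virtual install did not, which is the discrepancy worth investigating before trusting the program.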
     
  7. KeyPer4Life

    KeyPer4Life Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    974
    Deciding if a file is infected or safe...

    2 Ways to Analyze Behavior of Sandboxed Application in Sandboxie

    1. Automatic Analysis using Buster Sandbox Analyzer
    2. Manual Analysis from Sandboxie

    Buster Sandbox Analyzer (BSA) is a free tool that can be used to watch the actions of any
    process that is run inside Sandboxie.

    Although Sandboxie is mainly used to keep your computer safe by running programs in an
    isolated space, it can also be used to analyze the program’s behavior.


    http://www.raymond.cc/blog/how-to-investigate-suspicious-file-using-sandboxie/
     
  8. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    If you're looking for a free product, the heuristics/behavior blocker in Bitdefender apparently is very good, according to these tests. Those test results are for the paid edition; I'm not sure if the results would have been any different with the free edition (free edition has fewer local signatures than paid edition). A paper describing the heuristics/behavior blocker in Bitdefender is found at (direct download) hxxp://download.bitdefender.com/resources/files/Main/file/active_virus_control_wp.pdf .
     
    Last edited: Jan 16, 2014
  9. safeguy

    safeguy Registered Member

    Joined:
    Jun 14, 2010
    Posts:
    1,718
    You don't. You simply adopt safe downloading practices, try to verify within your limits and hope for the best.
     
  10. DesuMaiden

    DesuMaiden Registered Member

    Joined:
    Jan 25, 2013
    Posts:
    534
    I rarely download things for free. It is dangerous and risky, because there is a chance you might get a virus. So I don't download free things anymore, because I don't want to catch any viruses.
     
  11. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Yet you're using (or planning to use) Linux... Or do you pay for a web browser? How about Silverlight for your Netflix, shouldn't that be paid?

    Seriously, you have a naive misconception of freeware that might only be justified if you've actually been infected by one. My guess is no.
     