Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

How To Determine If A File Is Safe?


  • Please log in to reply
7 replies to this topic

#1 iceman2130

iceman2130

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:11:23 AM

Posted 15 August 2008 - 11:31 PM

I believe I read on here somewhere, that somebody has a program in which you can drop a file you downloaded onto, and it will scan it to see if it has a virus before you decide to run or open the program. I'm searching the forums and can't seem to find it. Anyone know about this?

A friend sent me a file, and I'd like to scan it before opening it and then have to spend my weekend fixing a computer virus.

Thanks in advance

BC AdBot (Login to Remove)

 


#2 rowal5555

rowal5555

    Just enough info to be armed & dangerous...


  • Members
  • 2,644 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:St Kilda, Dunedin. South Island. NZ
  • Local time:05:23 AM

Posted 16 August 2008 - 01:20 AM

Have you tried right clicking on the file and choosing Scan With ?? ( your current antivirus? and antispyware.?)

rowal5555 (Rob )                                                             

Avid supporter of Bleeping Computer's
Team 38444

You can help find a cure


 


#3 thelittleduck

thelittleduck

  • Members
  • 920 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pond
  • Local time:05:23 PM

Posted 16 August 2008 - 02:28 AM

If the file is no more than 10mb you could upload the file here VirusTotal

#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,609 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:12:23 PM

Posted 16 August 2008 - 07:47 AM

In addition to VirusTotal, you can also use jotti's virusscan. In the "File to upload & scan" box, browse to the location of the suspicious file(s) and submit (upload) it for scanning/analysis.
-- Post back with the results of the file analysis.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 iceman2130

iceman2130
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:11:23 AM

Posted 16 August 2008 - 10:42 AM

Here are the results from Jotti's Virusscan:

Is this stuff harmful?

Scanner results
Scan taken on 16 Aug 2008 15:36:21 (GMT)
A-Squared Found nothing
AntiVir Found nothing
ArcaVir Found Heur.Win32.I
Avast Found Win32:Small-IEE
AVG Antivirus Found Generic10.AATF
BitDefender Found nothing
ClamAV Found nothing
CPsecure Found nothing
Dr.Web Found nothing
F-Prot Antivirus Found nothing
F-Secure Anti-Virus Found nothing
Fortinet Found nothing
Ikarus Found Virus.Win32.Delf.ICC
Kaspersky Anti-Virus Found nothing
NOD32 Found nothing
Norman Virus Control Found Suspicious_F.gen
Panda Antivirus Found nothing
Sophos Antivirus Found Mal/Packer
VirusBuster Found nothing
VBA32 Found nothing


And the results from Virus Total:

Antivirus Version Last Update Result
AhnLab-V3 2008.8.15.0 2008.08.15 -
AntiVir 7.8.1.19 2008.08.16 -
Authentium 5.1.0.4 2008.08.16 -
Avast 4.8.1195.0 2008.08.15 Win32:Small-IEE
AVG 8.0.0.161 2008.08.16 Generic10.AATF
BitDefender 7.2 2008.08.16 -
CAT-QuickHeal 9.50 2008.08.16 (Suspicious) - DNAScan
ClamAV 0.93.1 2008.08.16 -
DrWeb 4.44.0.09170 2008.08.16 -
eSafe 7.0.17.0 2008.08.14 Suspicious File
eTrust-Vet 31.6.6035 2008.08.15 -
Ewido 4.0 2008.08.16 -
F-Prot 4.4.4.56 2008.08.16 -
F-Secure 7.60.13501.0 2008.08.16 Suspicious_F.gen
Fortinet 3.14.0.0 2008.08.16 -
GData 2.0.7306.1023 2008.08.16 Win32:Small-IEE
Ikarus T3.1.1.34.0 2008.08.16 Virus.Win32.Delf.ICC
K7AntiVirus 7.10.417 2008.08.15 -
Kaspersky 7.0.0.125 2008.08.16 -
McAfee 5362 2008.08.15 -
Microsoft 1.3807 2008.08.16 -
NOD32v2 3360 2008.08.15 -
Norman 5.80.02 2008.08.15 Suspicious_F.gen
Panda 9.0.0.4 2008.08.16 -
PCTools 4.4.2.0 2008.08.16 Packed/FSG
Prevx1 V2 2008.08.16 -
Rising 20.57.52.00 2008.08.16 -
Sophos 4.32.0 2008.08.16 Mal/Packer
Sunbelt 3.1.1546.1 2008.08.15 VIPRE.Suspicious
Symantec 10 2008.08.16 -
TheHacker 6.3.0.3.046 2008.08.13 W32/Behav-Heuristic-061
TrendMicro 8.700.0.1004 2008.08.16 PAK_Generic.001
VBA32 3.12.8.3 2008.08.15 -
ViRobot 2008.8.16.1338 2008.08.16 -
VirusBuster 4.5.11.0 2008.08.15 Packed/FSG
Webwasher-Gateway 6.6.2 2008.08.16 Win32.Malware.gen#FSG (suspicious)

#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,609 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:12:23 PM

Posted 16 August 2008 - 10:59 AM

Is this stuff harmful?

Appears so.

What program is alerting you to this file?
Did the program provide a specific file name associated with this malware threat and if so, where is it located (full file path) at on your system? That information will be helpful in removing it.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#7 iceman2130

iceman2130
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:11:23 AM

Posted 16 August 2008 - 11:07 AM

The file is located on my desktop. I haven't clicked on it / executed the file yet because I've done that before with other files, only to find there was a virus hidden in the file. So this time I thought I'd scan it first.

The program did not provide a specific file name associated with the malware threat.

The program is called 'Liquid Saxophone.'

#8 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,609 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:12:23 PM

Posted 16 August 2008 - 11:15 AM

Download FileASSASSIN FA_Portable.zip and save to your desktop (this tool is compatible with Win 2000/NT/XP/Vista only).
  • Create a new folder on your C:\ drive called FileASSASSIN and extract (unzip) the file to that folder. (Click here for information on how to do this if not sure. Win 9x/2000 users click here.)
  • Open the folder and double-click on FileASSASSIN.exe.
    Note: If you downloaded the installable version instead, just double-click on fa-setup.exe to install and then launch FileASSASSIN from the program folder.
  • Select the bad file to delete by dragging it onto the text area or select it using the (...) browse button.
  • Select a removal method. Start with the default "Attempt FileASSASSIN's method of file removal"
  • Click delete and the removal process will begin.
  • If that did not work, start the program again, select the file(s) the same way as before and this time check "Use delete on reboot function from windows."

Caution: Be careful what you delete. FileAssassin is a powerful program, designed to move highly persistent files. Using it incorrectly could lead to disastrous problems with your operating system.


.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users