[SOLVED] what to do with new file from untrusted source?

[brannsiu]

I'd like to know what is advised to do with file from web but the source is not totally trustable?

I can only think of -- scanning the file with Windows Defender and then uploading it to VirusTotal for second check,
anything more I can do?

If an installation file passes the virus test, could it still contain virus or other unwelcome thing after installation?

 

[rgd1101]

don't use the file?

If an installation file passes the virus test, could it still contain virus or other unwelcome thing after installation?

possible. someone have to be the first to get it before we get virus def.

 

[Lutfij]

I'd like to know what is advised to do with file from web but the source is not totally trustable?
The first thing you do is don't even get it on your system. When you practice healthy browsing habits, you stave off the majority of threats others face and then end up paying a lot to recover from.

 

[mdd1963]

untrustworthy 'file'? (Given a lack of info on where it came from, what you think the file is/should be, etc., I can only recommend...)

Delete with extreme prejudice.

 

[brannsiu]

I'd like to know what is advised to do with file from web but the source is not totally trustable?
The first thing you do is don't even get it on your system. When you practice healthy browsing habits, you stave off the majority of threats others face and then end up paying a lot to recover from.

In that case, Antivirus software(even with the newest upate) is never a very guaranteed solution?

 

[rgd1101]

In that case, Antivirus software(even with the newest upate) is never a very guaranteed solution?

correct. virus/malware definitions don't write themselves

 

[USAFRet]

I'd like to know what is advised to do with file from web but the source is not totally trustable?

I can only think of -- scanning the file with Windows Defender and then uploading it to VirusTotal for second check,
anything more I can do?

If an installation file passes the virus test, could it still contain virus or other unwelcome thing after installation?

Don't be shy....give us some more info.
What is the source of this?
Why are you messing with a an untrustable location on the web?


But...what to do with it?
This is what a sacrificial PC is for.
Offline and easily reimaged.

 

[brannsiu]

Don't be shy....give us some more info.
What is the source of this?
Why are you messing with a an untrustable location on the web?


But...what to do with it?
This is what a sacrificial PC is for.
Offline and easily reimaged.

I am not worried about one single file.
I'd just like to know what is the standard way of treating a file before executing it

 

[USAFRet]

I am not worried about one single file.
I'd just like to know what is the standard way of treating a file before executing it

"one single file" may be all it takes.

Again, that is why I have a sacrificial PC (actually an old laptop)
What happens to it is of no consequence.

 

[brannsiu]

"one single file" may be all it takes.

Again, that is why I have a sacrificial PC (actually an old laptop)
What happens to it is of no consequence.

so you always test a file if you don't trust it on the "sacificial PC" before you copy it to your main PC??

 

[USAFRet]

so you always test a file if you don't trust it on the "sacificial PC" before you copy it to your main PC??

On the exceedinlgy rare occasions where I might have one...either that sacrificial laptop, or a VM. Either Linux or Win 10 VM.
I have a Linux VM open ALL the time, just to check suspect URLs.

 

[Skidoood]

Upload it here, we'll take a look at it....