Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

How do I check a website for malware without infecting my own machine?

Question: Can I check a site for viruses without infecting my own machine? Can that really be done for totally free? Yes, some sites do say “McAfee/Norton or some other brand trusted and tested” but that’s their word against mine.

You’re right to be suspicious about those seals that say a site has been tested and is secure. There’s absolutely nothing that prevents a malicious site from simply putting that little graphic on their page.

That said, what you’re looking for isn’t available. There’s no 100% certain way to test a site before you visit it to determine if it is malicious or contains malware that will infect your machine. That’s one of the reasons why I recommend sticking with trusted sites and making sure that your anti-malware tools are in place and up-to-date.

So, let me throw out some ideas that, while not guaranteed, can at least help protect you even if you’re visiting a potentially questionable site.

Become a Patron of Ask Leo! and go ad-free!

Use Linux

One suggestion would be to visit the site using a different operating system. If you have access to a Linux machine, try visiting the page using that. If you don’t have a spare machine, fire up Linux in a virtual machine or boot Linux from a live CD.

Most malware is targeted at Windows and Windows-based browsers, so if something happens to your Linux box, you won’t actually get infected. You’ll just presumably see malicious behavior.

VirusSwitch browsers

You could also run a non-standard browser as occasionally malware will target browsers like Internet Explorer, Chrome, or Firefox. It actually makes sense to use one of the second or third-tier browsers to see if you have any problems when you visit those sites.

But even with a different browser and operating system, there is no guarantee. Malware may try to infect you, but fail silently, so there’s no indication. Well-crafted malware may even detect the browser and Linux operating system and simply not infect you without any indication that it would have tried.

There’s no way to tell unless you…

Sacrifice Windows

In this scenario, you run Windows in a virtual machine and visit the site. That way you can simply erase the virtual machine when you’re done. Your main computer is not affected because everything – malicious or otherwise – was contained within that virtual machine.

AJAX progress indicator
You could also run Internet Explorer in sandboxie
(“sandbox IE”). This tool limits the malware’s ability to act outside of Internet Explorer and it deletes everything that may have been changed on your system when you exit the browser.

Avoid the site

Ultimately, if you’re really concerned about a site, I’d simply avoid it.

The unfortunate truth is that you can take a lot of steps to protect yourself, gain a good level of confidence, and still be wrong.

Backup your stuff

As always, the one level of protection that you absolutely can put in place that will protect you no matter what is a backup.

Take a system image backup of your machine on a regular basis. That way, if you do go to a malicious website and you later find out that you’ve been infected, you can simply restore that machine to the most recent backup. For example, because I backup every night, I can simply restore to the previous night’s backup if I’m ever infected. And I then also know never to go back to that website again.

So, those are your options. This is a difficult problem to solve, but hopefully, some of these ideas will help you raise either your confidence or suspicions in whichever site that you’re investigating.

Do this

Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

I'll see you there!

16 comments on “How do I check a website for malware without infecting my own machine?”

      • Absolutely, that’s why I said it’s not perfect. Still it’s useful. When in doubt, don’t. I find a lot of false positives with political and religious sites which are often attacked by people with opposing views.

        Reply
        • Right. But if you’re getting warnings for sites that you’ve used for years without a problem (which I have experienced), you tend not to take the service as seriously. And that’s a similar risk to not using it at all.
          An approach might be to use Sandboxie when a site is being reported as suspicious.

          Reply
  1. I simultaneously use WOT, Norton Site Safety, and McAfee SiteAdvisor to evaluate the riskiness of search results. It is not that rare for one of the software to show a red warning icon for a search result, while the other two software give it a green a-okay symbol. So who do you believe?

    A user can go to zulu.zscaler.com to use their free URL risk analyzer tool. Just submit the URL you want to check out, and the tool will analyze various aspects of that web page, such as external links, content, full URL, and host reputation. For example, askleo.com generated a score of 38 out of 100 (the lower the score, the safer the page presumably), with the tool classifying the overall page risk as “Benign”. The askleo.com rating showed only one negative: the tool indicates the website has an “IP address (that) has been identified as risky by one/more sources”. I’m sure askleo.com is safe — right, Leo? ;-)

    Reply
    • That’s one of the problems with websites like that – it’s possible that when I set up the askleo.com server I inherrited an IP address that perhaps had been previously used by a “risky” website. In a sense I may have “inherited” that reputation. One of the problems with those services is that it’s nearly impossible to get off their list of possibly risky sites.

      Reply
  2. I like the OffByOne browser for checking websites I’m not sure of.
    Their overview page lists two limitations (other than the HTML 3.2 support)
    -No JavaScript support (so no pop-up ad windows).
    -No applet, plug-in or Flash support.
    This cuts out most the ways for bad things to happen.

    Reply
  3. Thank You Yeppers for mentioning zscaler as another tool for Paranoid folks like me to use before visiting web sites.
    I C&P the zscaler URL from Your comments above into Firefox without checking it first with Dr. Web Link Checker, because I know Leo wouldn’t allow sites mentioned in His Comments section to go to a Harmful web page.
    Thank You for the comment and Thank You Leo for having a Safe Place to learn this here complicated stuff. . .

    Reply
    • To be clear, I cannot vet every link that is placed in a comment. Even if I could there’s a window of time between the posting of the comment and my or my assistant’s getting around to it. Bottom line: don’t assume links in comments here aren’t risky – ultimately they could be.

      Reply
  4. Thanks. Your comment says sandboxie can be used in IE, but no mention of FF. Their site does not mention is either. Does sandboxie work with FF and Chrome?

    Reply

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.