From: FromTheRafters on
"Bob L" <bl(a)thisaddressisnowhere.com> wrote in message
news:m8nve5lr2t79cdbdhjpgi9ucpk0u088q85(a)4ax.com...
> On Mon, 2 Nov 2009 22:24:26 -0500, "FromTheRafters"
> <erratic(a)nomail.afraid.org> wrote:
>
>>"Fruit2O" <jz137xww(a)cox.net> wrote in message
>>news:ao3ve5lccovglfa29e4bgdm5muvklq7qb4(a)4ax.com...
>>>I have a file given to me by a friend - but I am leery of opening it
>>> for fear of getting a virus. Am I justified?
>>
>>Yes, very much so. Contrary to the popular refrain "...and I don't open
>>files from strangers" - much malware comes (or appears to come) from
>>those you *do* know and trust.
>>
>>> What if I open it and run it through my anti-virus program?
>>
>>From a general security standpoint, if you didn't request it - delete
>>it. If you really *do* want it, then you should have it scanned for
>>malware some days after you receive it (cooling off - trying to avoid
>>day zero malware) by several scanners.
>>
>>> If it passes, would that assure safety?
>>
>>No, only the first option assures safety.
>>
>>> If not, is there another way to check the contents of the zip
>>> file for possible malware?
>>
>>Old school - unzip and scan the resulting files. Now, most scanners are
>>capable of extracting the files for you when you scan the archive
>>itself.
>>
>>...and as an aside, some malware has attacked vulnerabilities in the
>>implementation of that very feature.
>>
>
>
> Get yourself Sandboxie and run all your operations there to start
> with.

Not a bad idea, I used to use a registry change tracker like InControl
on an isolated machine - not perfect, but better than running unknowns
on my online machine.


From: russg on
On Nov 2, 9:05 pm, Fruit2O <jz137...(a)cox.net> wrote:
> I have a file given to me by a friend - but I am leery of opening it
> for fear of getting a virus.  Am I justified?  What if I open it and
> run it through my anti-virus program?  If it passes, would that assure
> safety?  If not, is there another way to check the contents of the zip
> file for possible malware?

If it is a .zip file, you could use PowerArchiver (free) to see the
names of the files inside the zip. VirusTotal may be able to identify
a virus in a zip. If it is a self-extracting .exe file, don't open it
until you submit it to VirusTotal (there are other multi-checking
sites). You should be wary of anything you aren't sure of, such as the
friend's file. If the file is a .zip and PowerArchiver shows a folder
or only one file, then you could unzip it and submit the resulting
file to VirusTotal. Using VirusTotal on a single file is easier and
probably more up-to-date than your AV software.
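
The name-listing step described in the post above (seeing what is inside a zip before opening anything), as an added example that is not part of the original thread. It reads only the archive's directory with Python's standard `zipfile` module; the extension lists, the flag names and the sample archive are assumptions constructed for this illustration.

```python
import io
import zipfile
from pathlib import PurePosixPath

# Illustrative extension lists (assumptions of this example, not exhaustive).
RISKY_EXT = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".vbs", ".js", ".lnk", ".hta"}
ARCHIVE_EXT = {".zip", ".rar", ".7z", ".cab"}
DOC_EXT = {".txt", ".pdf", ".doc", ".jpg", ".png"}


def inspect_zip(source):
    """List members from the zip directory only; nothing is extracted or run."""
    report = []
    with zipfile.ZipFile(source) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            path = PurePosixPath(info.filename.replace("\\", "/"))
            suffixes = [s.lower() for s in path.suffixes]
            last = suffixes[-1] if suffixes else ""
            flags = []
            if last in RISKY_EXT:
                flags.append("executable")
                # e.g. "report.pdf.exe" looks like a document when extensions are hidden
                if len(suffixes) > 1 and suffixes[-2] in DOC_EXT:
                    flags.append("double-extension")
            if last in ARCHIVE_EXT:
                flags.append("nested-archive")
            if info.flag_bits & 0x1:  # bit 0 set: member is encrypted, a scanner cannot read it
                flags.append("encrypted")
            report.append((info.filename, flags))
    return report


def build_sample():
    """Constructed sample archive, built in memory with harmless placeholder bytes."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("photos/beach.jpg", b"placeholder")
        zf.writestr("invoice.pdf.exe", b"placeholder")
        zf.writestr("more.zip", b"placeholder")
    buf.seek(0)
    return buf


if __name__ == "__main__":
    for name, flags in inspect_zip(build_sample()):
        print(f"{name:25} {', '.join(flags) or 'no flags'}")
```

A member with no flags is not thereby clean; the listing only tells you what kind of files you would be extracting and scanning.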