Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Scanning Zip Files.


  • Please log in to reply
4 replies to this topic

#1 DSTM

DSTM

    "Bleepin' Aussie Addict"


  • Members
  • 2,649 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SYDNEY-AUSTRALIA
  • Local time:07:13 PM

Posted 24 June 2009 - 01:20 PM

Hi Guys. I have read somewhere, that Scanners have difficulty, scanning Zipped Files.
Also, if there is a nasty in a Zip File,the moment you open it,you are infected.
If so, should they be opened in a secure environment?
Any suggestions as the best way to deal with Zipped Files,security wise.?
Is this correct?
Thanks for any feedback. :thumbsup:















BC AdBot (Login to Remove)

 


#2 PropagandaPanda

PropagandaPanda


  • Malware Response Team
  • 10,433 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:13 AM

Posted 24 June 2009 - 02:09 PM

Hello DSTM.

I have read somewhere, that Scanners have difficulty, scanning Zipped Files.

From what I know, most scanners can open zip files without much problem. If the zip if encrypted, then scanners can't open them either.

Also, if there is a nasty in a Zip File,the moment you open it,you are infected.

Zip files are merely archives of other files, and thus they can contain malicious files.

However, zip files are not program files. Opening the zip file itself is not enough to infect you because any malicious files are not executed. Another program reads the zip file.

Similarly, if you tried to open a piece of malware with notepad, you wouldn't be infected, because it is being read, not executed.

Any suggestions as the best way to deal with Zipped Files,security wise.?

Treat the files inside as you would any other file from the same source.

If in doubt, send the file up to an online scanner such as VirusTotal. The online scanners can read zip archives.

With Regards,
The Panda

#3 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,082 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:13 AM

Posted 24 June 2009 - 02:36 PM

Hi,DSTM,see VirusTotal - Free service to analyze new samples

Edited by garmanma, 24 June 2009 - 03:59 PM.
FIXED LINK

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#4 garmanma

garmanma

    Computer Masochist


  • Staff Emeritus
  • 27,809 posts
  • OFFLINE
  •  
  • Location:Cleveland, Ohio
  • Local time:05:13 AM

Posted 24 June 2009 - 04:00 PM

There is also Jottiscan
http://virusscan.jotti.org/en
Mark
Posted Image
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter

#5 DSTM

DSTM

    "Bleepin' Aussie Addict"

  • Topic Starter

  • Members
  • 2,649 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SYDNEY-AUSTRALIA
  • Local time:07:13 PM

Posted 24 June 2009 - 06:23 PM

Thanks, for the information, about Zipped Files,and the links. Much appreciated. :thumbsup:
Thought best, to ask.


















0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users