
Malware detection in zip files



I have received zip file email attachments from known malware distributors (DHS email scam) that I have saved and then scanned using ESET Smart Security 6.  The files scan as being clean.

 

I don't have the cojones to actually *open* the file to see what happens.

 

At what point does ESET detect malware in a zip file?


Hello RDaleBarrow

 

Zip files (archives) are not scanned by real-time file protection, because files in archives will not be, or pose, any risk before they are extracted, and when they are extracted the real-time protection will catch them. You know: delete, block, clean or quarantine.

 

Regards, Janus


  • Former ESET Employees

If you right-clicked the zipped file and chose 'Scan with ESET Smart Security' it would have found any known variants that were inside. The log created would have looked like the screenshot attached. Ensure you have the latest virus signature database before scanning.


  • Administrators

Please submit the file to ESET as per the instructions here.

 

Yes..rightclick scan works.

My first post, try out.  :)

 

Gerard


 

Please submit the file to ESET as per the instructions here.

 

Yes..rightclick scan works.

My first post, try out.  :)

 

Gerard

 

I deleted the file.  Sorry.


 

Please submit the file to ESET as per the instructions here.

 

Yes..rightclick scan works.

My first post, try out.  :)

 

Gerard

 

These files are clean, so why send them?


  • Former ESET Employees

It is always good to submit any suspicious files even if a scan of them shows up clean. That way the labs can see if the file does anything malicious. Who knows, it could be a new infection no one is catching yet.


  • ESET Moderators

Hello,
 
As Alex Jones pointed out, you can always submit suspicious emails and attachments to ESET for analysis by our threat researchers.  To do so, follow the instructions in ESET Knowledgebase Article 141, "How to submit virus or potential false positive samples to ESET's labs."

 

Regards,

 

Aryeh Goretsky


This topic is now closed to further replies.
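
The thread's point that an archive can be examined on demand before anything is extracted can be illustrated with the following added example, which is not code from any poster or from ESET and does not describe how ESET's scanner works internally. It reads each zip member in memory, hashes it for lookup or submission, and flags attachment-style warning signs; the extension lists, flag names, size cap and sample file names are assumptions constructed for the example.

```python
import hashlib
import io
import zipfile
from pathlib import PurePosixPath

# Extensions that run code when opened on Windows (illustrative, not exhaustive).
RISKY_EXT = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs", ".lnk"}
DOC_EXT = {".pdf", ".doc", ".docx", ".xls", ".jpg", ".txt"}
MAX_MEMBER = 50 * 1024 * 1024  # assumed cap: do not read members declared larger than this


def triage_zip(data: bytes) -> list[dict]:
    """Inspect each archive member in memory; nothing is written to disk."""
    report = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            suffixes = [s.lower() for s in PurePosixPath(info.filename).suffixes]
            flags = []
            if suffixes and suffixes[-1] in RISKY_EXT:
                flags.append("executable-extension")
                if len(suffixes) > 1 and suffixes[-2] in DOC_EXT:
                    flags.append("double-extension")
            digest = None
            if info.flag_bits & 0x1:
                # Password-protected member: content cannot be read, hashed or scanned.
                flags.append("encrypted-unscannable")
            elif info.file_size > MAX_MEMBER:
                flags.append("oversized-skipped")
            else:
                digest = hashlib.sha256(zf.read(info)).hexdigest()
            report.append({"name": info.filename, "size": info.file_size,
                           "sha256": digest, "flags": flags})
    return report


def build_sample() -> bytes:
    """Constructed sample: harmless text bytes under attachment-style names."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("readme.txt", b"hello")
        zf.writestr("DHS_Notice.pdf.exe", b"not a real program")
    return buf.getvalue()


if __name__ == "__main__":
    for entry in triage_zip(build_sample()):
        print(entry)
```

A clean result here, like a clean signature scan, only means nothing known was matched; the per-member SHA-256 values are what you would record alongside a sample submitted for analysis.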