Most effective way of screening .pdf .doc .rtf .mht for keylogger/malware


Anthoo
April 17th, 2009, 08:16 AM
Does anyone have advice on the best AV or HIPS for screening, or an independent stand-alone online or downloadable tool, that can screen .pdf, .doc, .rtf and .mht formatted files?

The keylogger is potentially bespoke-written and the malware unknown.

Regards
Ant

Mrkvonic
April 17th, 2009, 09:28 AM
Hello,

These files do not contain executable malware per se. They will usually contain macro code, scripts and similar that will try to trigger downloads of additional, executable code from servers, so that it may be run on the machine.

These executions can only work if your system is vulnerable to remote execution, i.e. things can run without your explicit double-click.

To solve the issue:

Open docs in non-MS Office programs, like OpenOffice, or open them in MS Office programs with macros disabled.
Open emails in plain text (not HTML or scripts).
Open PDFs with JavaScript disabled.
Open MHT files with JavaScript disabled.
Open RTF in WordPad.

So even if these files contain stuff, it won't be parsed and run and is therefore useless garbage.

Mrk
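
A static pre-open check for the macro and script content described in the post above, added here as an example and not part of the original thread. The function name `triage`, the marker lists and the sample bytes are assumptions made for this sketch; it identifies each of the four formats by its leading bytes and reports active-content markers without opening the file in its viewer.

```python
import email
import re

OLE_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")
PDF_NAMES = (b"/JavaScript", b"/JS", b"/OpenAction", b"/AA", b"/Launch", b"/EmbeddedFile")
RTF_WORDS = (b"\\object", b"\\objdata", b"\\objupdate")

def _pdf_findings(data):
    # PDF names may hide letters as #xx hex escapes (/J#61vaScript); undo that first.
    plain = re.sub(rb"#([0-9A-Fa-f]{2})", lambda m: bytes([int(m.group(1), 16)]), data)
    # Require a non-alphanumeric after the name so /JS does not match /JSomething.
    return [n.decode() for n in PDF_NAMES
            if re.search(re.escape(n) + rb"(?![A-Za-z0-9])", plain)]

def _mht_findings(data):
    # MHT is a MIME archive; parts may be base64 or quoted-printable, so decode each.
    hits = set()
    for part in email.message_from_bytes(data).walk():
        body = part.get_payload(decode=True) or b""
        if re.search(rb"<\s*script", body, re.I):
            hits.add("<script>")
        if re.search(rb"javascript\s*:", body, re.I):
            hits.add("javascript: URL")
    return sorted(hits)

def triage(data):
    """Return (format, active-content markers found) for a file's raw bytes."""
    head = data[:1024]
    if data.startswith(OLE_MAGIC):
        # OLE2 directory names are UTF-16LE; a VBA project carries this stream.
        vba = "_VBA_PROJECT".encode("utf-16-le") in data
        return "ole2", ["VBA project"] if vba else []
    if b"%PDF-" in head:
        return "pdf", _pdf_findings(data)
    if head.lstrip().startswith(b"{\\rt"):
        return "rtf", [w.decode() for w in RTF_WORDS if w in data]
    if re.search(rb"^MIME-Version:", head, re.I | re.M):
        return "mht", _mht_findings(data)
    return "unknown", []

# Constructed samples, not real documents.
SAMPLE_PDF = b"%PDF-1.4\n1 0 obj<</OpenAction 2 0 R>>endobj\n2 0 obj<</S/J#61vaScript/JS(x)>>endobj"
SAMPLE_MHT = (b'MIME-Version: 1.0\nContent-Type: multipart/related; boundary="b"\n\n--b\n'
              b"Content-Type: text/html\nContent-Transfer-Encoding: quoted-printable\n\n"
              b"=3Cscript=3Ex()=3C/script=3E\n--b--\n")

if __name__ == "__main__":
    for sample in (SAMPLE_PDF, SAMPLE_MHT):
        print(triage(sample))
```

An empty marker list only means nothing was found in plain form: compressed PDF object streams are not inflated here, so the viewer settings listed in the post still apply.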

Anthoo
April 17th, 2009, 09:32 AM
Thx Mrk
Excellent advice ;)