Can archives be infected by malwares?

Discussion in 'malware problems & news' started by rOadToIS, Dec 21, 2008.

Thread Status:
Not open for further replies.
  1. rOadToIS

    rOadToIS Registered Member

    Joined:
    Dec 16, 2008
    Posts:
    168
    I was going over scan settings and realized that I could set my AV to skip archives. Can archives be infected by malwares? Is it secure to set my av to skip archives during scanning?
     
  2. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    Of course, in the sense that an archive which contains an infected file is "infected". However, it is not an active infection
    It depends. Typically, any infection will be flagged if the archive is opened and expanded to the HDD.

    Blue
     
  3. YeOldeStonecat

    YeOldeStonecat Registered Member

    Joined:
    Apr 25, 2005
    Posts:
    2,345
    Location:
    Along the Shorelines somewhere in New England
    Windows System Restore can have infections....
     
  4. Tarq57

    Tarq57 Registered Member

    Joined:
    Oct 7, 2006
    Posts:
    966
    Location:
    Wellington NZ
    Simple answer is that yes, archive files can harbor infections. But until they are unpacked, the infection can not run.
    So, in a way, it is safe to skip scanning archives. However, I would recommend scanning any zipped files you download with an AV and another antimalware on completion of the download, or at least before you open them.
     
  5. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    I P2P, so I regularly run into zip/rar files with viruses and crap in them. I use IZArc to unzip, and, what I do if Avast finds something, I click either Explore or Open. Once you can see inside the zip/rar file, you'll see the little bugger that got flagged and a lot of times you can delete that sucker right out and the other files inside stay put. When I CAN'T delete it through exploring the zip/rar file, I go ahead and extract it and the other files out, and then delete the offender. I've never, ever run into a virus/malware that ran just by being extracted from the file, they all had to execute, so it's been safe to do it this way.
     
  6. TechOutsider

    TechOutsider Registered Member

    Joined:
    Sep 26, 2008
    Posts:
    549
    You use Norton, I believe.

    Setting Norton to scan within archives is somewhat for the paranoid; Norton will block the malware when you or something tries to extract it.

    If you select for Norton to scan within archives, there is another option, called "Limit Data Extraction", ususally set to "on". That is quite confusing.

    http://community.norton.com/norton/...dback&message.id=21050&query.id=438873#M21050

    If you leave the option on, Norton will extract and scan a max of 2 gb of malware from an archive.
     
Loading...
Thread Status:
Not open for further replies.