Welcome to WebmasterWorld Guest from

Forum Moderators: phranque

Message Too Old, No Replies

Zip Files Are They Safe?

Zip Files Are They Safe?



7:34 pm on Jun 9, 2005 (gmt 0)

10+ Year Member

I've been sent a zip file to my hotmail account but it couldnt be scan as it was password protected. It was resent to my yahoo and seems fine.

My question is this can i down load without opening the file and scan it. Is this safe?

It is a piece of software i requested and i don't want to download a trojan.

Are they safe to download without opening or will it open on its own?
And can i scan it to make sure i t has no trojans?

I need the software so any help would be great. Also notice that the file size change from 1.06mb first send to 1.0mb second send to yahoo. Probably normal.

Thanxs in advance


7:46 pm on Jun 9, 2005 (gmt 0)

10+ Year Member

Software like Symantec Antivirus 2004 will scan inside ZIP files without you having to decompress them. It's virus scanning is good; and I believe its trojan horse scanning is acceptable; but it certainly won't scan for attached spyware or programs that are built completely with a malicious intent. You will need to download the ZIP file in order to perform a local virus scan on it.

To my knowledge, ZIP files are relatively safe to download to your computer, won't 'open themselves'. The problems only really begin if you decompress the ZIP file.

A lot of this is really about how confident you feel about the software's origin. If you grabbed it off CNET for example, your chances of there being a problem would be significantly less than downloading it from BobsHaKz.BIZ ;)


11:53 am on Jun 10, 2005 (gmt 0)

WebmasterWorld Senior Member kaled is a WebmasterWorld Top Contributor of All Time 10+ Year Member

Using a tool such as Winzip to unpack a zip archive is perfectly safe even if the contents are dubious.

Having unpacked the the zip archive, the contents can be scanned for nasties and deleted if required.



12:41 pm on Jun 10, 2005 (gmt 0)

10+ Year Member

Yes, trying to carefully inspect the ZIP file to see what is inside is OK.

However, there is another less technical but more social approach:
(1) Do you know the sender? If not: delete, don't care what surprise may be inside, just delete.
(2) If it is a known sender - it may be a fake (there are viruses and worms propagating by hijacking friends' address books) - do you expect a ZIP file from her/him? If not: delete.
(3) Otherwise ask back "Did you sent me some ZIPped file today? What's inside?". If you get a reply like "Huh? What are you talking about ...?": delete.

I normally just do this 'social' way of content judging and usually I am successfully finished with 90% of all spam cr*p after 0.1 seconds with just option (1), and with additional 9% after another 0.1 seconds with option (2).
This is much faster that to open an 'unzip' or 'winzip', or even scanning, before discarding that cr*p anyway.
The remaining 1% takes a bit longer, but also my step (3) actions I had so far finally ended in deletions.




Featured Threads

Hot Threads This Week

Hot Threads This Month