Welcome to WebmasterWorld Guest from

Forum Moderators: phranque

Message Too Old, No Replies

Zip Files Are They Safe?

Zip Files Are They Safe?

7:34 pm on Jun 9, 2005 (gmt 0)

New User

10+ Year Member

joined:Apr 25, 2005
votes: 0

I've been sent a zip file to my hotmail account but it couldnt be scan as it was password protected. It was resent to my yahoo and seems fine.

My question is this can i down load without opening the file and scan it. Is this safe?

It is a piece of software i requested and i don't want to download a trojan.

Are they safe to download without opening or will it open on its own?
And can i scan it to make sure i t has no trojans?

I need the software so any help would be great. Also notice that the file size change from 1.06mb first send to 1.0mb second send to yahoo. Probably normal.

Thanxs in advance

7:46 pm on June 9, 2005 (gmt 0)

Junior Member

10+ Year Member

joined:July 29, 2001
votes: 0

Software like Symantec Antivirus 2004 will scan inside ZIP files without you having to decompress them. It's virus scanning is good; and I believe its trojan horse scanning is acceptable; but it certainly won't scan for attached spyware or programs that are built completely with a malicious intent. You will need to download the ZIP file in order to perform a local virus scan on it.

To my knowledge, ZIP files are relatively safe to download to your computer, won't 'open themselves'. The problems only really begin if you decompress the ZIP file.

A lot of this is really about how confident you feel about the software's origin. If you grabbed it off CNET for example, your chances of there being a problem would be significantly less than downloading it from BobsHaKz.BIZ ;)

11:53 am on June 10, 2005 (gmt 0)

Senior Member

WebmasterWorld Senior Member kaled is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Mar 2, 2003
votes: 0

Using a tool such as Winzip to unpack a zip archive is perfectly safe even if the contents are dubious.

Having unpacked the the zip archive, the contents can be scanned for nasties and deleted if required.


12:41 pm on June 10, 2005 (gmt 0)

Preferred Member

10+ Year Member

joined:Sept 28, 2002
votes: 0

Yes, trying to carefully inspect the ZIP file to see what is inside is OK.

However, there is another less technical but more social approach:
(1) Do you know the sender? If not: delete, don't care what surprise may be inside, just delete.
(2) If it is a known sender - it may be a fake (there are viruses and worms propagating by hijacking friends' address books) - do you expect a ZIP file from her/him? If not: delete.
(3) Otherwise ask back "Did you sent me some ZIPped file today? What's inside?". If you get a reply like "Huh? What are you talking about ...?": delete.

I normally just do this 'social' way of content judging and usually I am successfully finished with 90% of all spam cr*p after 0.1 seconds with just option (1), and with additional 9% after another 0.1 seconds with option (2).
This is much faster that to open an 'unzip' or 'winzip', or even scanning, before discarding that cr*p anyway.
The remaining 1% takes a bit longer, but also my step (3) actions I had so far finally ended in deletions.