When programs are downloaded from a website they are frequently in a compressed format, commonly known as zipped. Zipping software (compressing it) saves space and makes the download time quicker. In many instances the zipped programs can be un-zipped easily and run without installing them on your computer. These types of programs are referred to as being portable.

Yogi wrote:
This topic probably belongs in the Computer Forum, but we all download software and blindly trust it is clean. Hopefully my story will get more visibility in this forum, and perhaps save some of you from a lot of buggy trouble.
While I don't have an antivirus program installed and running on my computer, I do on occasion use something called Virus Total Uploader. This program will scan any file you tell it to. The beauty of it is that it uses upwards of 50 popular antivirus programs to do the scan. Thus the results are from 50 sources in the hope that if one misses something, the others will catch it.
Today I found a program called Virus Total Scanner which downloads in the zipped format. Given that this was my first time to evaluate the program, I decided to run a virus check before I installed it. I used Virus Total Uploader and the zipped file appeared to be clean. Feeling confident, I proceeded to unzip it so that I could actually use it. However, I decided to see if it was still clean after being unzipped. To my surprise about twenty of the virus checks found malicious software in this program that was clean just a few minutes prior.
There are several lessons to be learned here, but the most important one is to be certain to do a thorough virus check on any program that you download. Some operating systems (Windows 10, for example) will do this virus check automatically, but they only use one set of virus definitions, not the 50 sets used by Virus Total Uploader. The second lesson is that a second virus scan should be run after the compressed (zipped) files have been un-zipped. In my case the viruses did not show up until the program was ready to be installed. Most virus checkers would not have found anything in the compressed version, but during the un-zipping a web site was contacted and viruses were downloaded. Fortunately I didn't install the virus-laden software, but it is a very scary situation when fifty antivirus scans cannot find anything at the initial scan.
If you are interested, this is the program without viruses, Virus Total Uploader:
https://www.virustotal.com/en/documenta ... lications/
This is the program that suddenly acquires a virus payload after it is unzipped, Virus Total Scanner:
http://securityxploded.com/virus-total-scanner.php
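
The second lesson above (check the unzipped files as well as the zip) can be done without extracting anything to disk. The following is an added example, not part of the original post or of either tool: it hashes the archive and every file inside it, so each member can be scanned or looked up by its own SHA-256, and notes members a scanner cannot open. The function names, the magic-byte table and the sample archive are constructed for this example.

```python
import hashlib
import io
import zipfile

# File-type magic bytes checked on each member (not an exhaustive list).
MAGIC = {b"MZ": "windows-executable", b"PK\x03\x04": "nested-zip", b"\x7fELF": "elf-executable"}

def inventory_zip(data: bytes) -> dict:
    """Hash a ZIP archive and every file inside it without writing to disk."""
    report = {"archive_sha256": hashlib.sha256(data).hexdigest(), "members": []}
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            entry = {"name": info.filename, "size": info.file_size,
                     "sha256": None, "kind": "other", "notes": []}
            if info.flag_bits & 0x1:
                # Bit 0 of the general-purpose flags marks an encrypted member:
                # a scanner without the password cannot inspect its content.
                entry["notes"].append("encrypted")
            else:
                digest = hashlib.sha256()
                with zf.open(info) as fh:
                    head = fh.read(4)
                    digest.update(head)
                    for chunk in iter(lambda: fh.read(65536), b""):
                        digest.update(chunk)
                entry["sha256"] = digest.hexdigest()
                for magic, kind in MAGIC.items():
                    if head.startswith(magic):
                        entry["kind"] = kind
            report["members"].append(entry)
    return report

def build_sample() -> bytes:
    """Constructed sample archive: one text file and one stub with an MZ header."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("readme.txt", "constructed sample\n")
        zf.writestr("setup.exe", b"MZ" + b"\x00" * 62)
    return buf.getvalue()

if __name__ == "__main__":
    rep = inventory_zip(build_sample())
    print("archive", rep["archive_sha256"])
    for m in rep["members"]:
        print(m["sha256"], m["kind"], m["name"], *m["notes"])
```

The archive hash and the member hashes are different values, so a clean result for one says nothing about a lookup of the other.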