Hi, this is the first time posting in this forum. Hopefully this question has not been asked before, so without further ado I will describe my situation and seek a second opinion (or more) to my own.
I am an AVAST Premium subscriber, I own several PCs and the one in question is an HP Envy i7 running Windows 10 Home Edition. I was sorting through and getting rid of some old out-of-date files on one of my cloud drives, and for speed I download to the PC locally to review before deleting. Because the cloud drive is only used for archiving old documents, most of the files on it are in ZIP format to save space and bandwidth. As it so happens, one of the ZIP files that was downloaded had an .exe file (and several text files) in it that was infected with a virus or malware (I forget, as it was a long time ago and this was discovered a long time after the file was uploaded to the cloud drive). Probably worth mentioning I forgot about this before downloading it over to my HP Envy drive to review.
My question is, in Windows if you double-click to open a ZIP file, Windows lets you review the contents (filenames) of the ZIP file in Explorer as if it was just another folder. When I did this with the ZIP file with the infected file in it, straight away I remembered this file was infected in this ZIP. I did not copy the infected file to another location (a Windows unzip) or unzip the ZIP contents with any other compression/decompression tool; it was immediately deleted by me. My thinking here is that my system is not infected, as I did not unzip the archive or run the infected exe file, but as security is of topmost importance I would just ask for others' thinking on this! If I haven't explained the situation well enough please let me know and I can give more detail.
You have to run the .exe for it to do its work. And as soon as you do or unzip, Avast real-time monitoring should detect it. If Avast did not detect it then it may have been a false positive that has been fixed?
Do you remember the message / detection name Avast gave? … Did it begin with PUP?
it that was infected with a virus or malware
All viruses are malware, but all malware is not a virus ... got it ;)
A virus is self-replicating malware.
Malware = malicious program, and the name covers all types of programs that can harm your computer.
Thanks for the reply Pondus, much appreciated. To answer your question, no, the infected exe was not run from within the ZIP, extracted by any tool or extracted and run from a different location; I think this is one of the reasons why AVAST did not pick it up. From memory AVAST did not pick it up either when the .exe installer was run or when it fully installed the small program (this was a long time ago). However, it did pick it up when the small program was run. That’s all I can recall, apart from it being a W32.xxxxxxxx something infection of some sort. As it was from a supplier in China I suspect it was most definitely some sort of Virus/Malware/Adware or the like, as things like this have happened before but have been caught on download rather than later on in the process.
Probably worth mentioning I have done several full system boot scans and all was clear!
and it is best to upload the file inside the zip and not the zip containing the file, because if you do, all the extra detailed file info will be for the zip container and not the file inside.
I think I may still have the ZIP in the recycle bin on the cloud drive, I will check. TBH I don’t think I would download and unzip the file on my own PC just on the off-chance it may infect me with something else!!! I may do it from my MacBook Pro and if so I will defo post results. Never heard of that website you mentioned - may be a handy one in the future!
I will check. TBH I don't think I would download and unzip the file on my own PC just on the off-chance it may infect me with something else!!!
You can upload it zipped, scanners will scan inside the zip and detect, but as said the detailed info like MD5 hash / who made the file / digitally signed ..... will be skewed
I will check back for your result tomorrow … night night
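The point made in the replies above, that a scanner can look inside a ZIP but the hash and file details belong to whichever file is submitted, shown as an added example that is not part of the original thread. The archive, file names and contents are constructed placeholders, and the helper names are hypothetical.

```python
import hashlib
import io
import zipfile

# Constructed, harmless stand-ins for the archive described in the thread.
SAMPLE_EXE = b"MZ" + b"\x00" * 62 + b"constructed placeholder, not a real program"
SAMPLE_TXT = b"constructed text file\n"


def build_sample_zip() -> bytes:
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("setup.exe", SAMPLE_EXE)
        zf.writestr("readme.txt", SAMPLE_TXT)
    return buf.getvalue()


def list_entries(zip_bytes: bytes) -> list:
    """Names and sizes from the archive's directory; nothing is decompressed."""
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        return [(info.filename, info.file_size) for info in zf.infolist()]


def digests(stream) -> dict:
    """MD5 and SHA-256 of a byte stream, read in chunks."""
    md5 = hashlib.md5(usedforsecurity=False)
    sha256 = hashlib.sha256()
    for chunk in iter(lambda: stream.read(65536), b""):
        md5.update(chunk)
        sha256.update(chunk)
    return {"md5": md5.hexdigest(), "sha256": sha256.hexdigest()}


def hash_member(zip_bytes: bytes, name: str) -> dict:
    """Hash one inner file in memory; it is never written to disk or run."""
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf, zf.open(name) as member:
        return digests(member)


def hash_container(zip_bytes: bytes) -> dict:
    """Hash the ZIP itself: what a report describes if the ZIP is uploaded."""
    return digests(io.BytesIO(zip_bytes))


if __name__ == "__main__":
    archive = build_sample_zip()
    for name, size in list_entries(archive):
        print(f"{size:>8}  {name}")
    print("inner file:", hash_member(archive, "setup.exe"))
    print("container: ", hash_container(archive))
```

The inner file's digests match those of the original file, while the container's digests differ and change with compression settings or any other file added to the archive.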