Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 235
  • Last Modified:

re: detection of computer viruses withing setup and install files

Hi Everyone:

      I have recently downloaded some Setup Files for various programs and scanned these setup files for viruses and Trojans.  After going to trendmicro.com and running a virus scan, these files came up clean.  However, is it possible the setup files can still contain malicious code which is dormant and only becomes activated after the install or setup file is launched?

      Any thoughts or insights on this question will greatly be appreciated.

      I look forward to hearing from someone regarding this question.

      Thank you.

      George
0
GMartin
Asked:
GMartin
1 Solution
 
CrazyOneCommented:
Yes it is possible but not likely. Altouhg I woudln't put my trust in just using the online version of trend.

Use all three of these

 Norton Web Services  
     Rating  = 4  
Go to this page and click on Scan for Viruses
http://security2.norton.com/ssc/vc_about.asp?langid=us&venid=sym&plfid=22&pkj=RKNYPJUIYCZRWEJGSSK

It needs to download a few file so as to activate the scan so you may see a message like this.

"The Scan for Viruses uses an ActiveX program to scan your computer. The download is approximately 1.5MB and can take about 10 minutes over a 28.8 modem.

The scan can take more than 20 minutes depending on the speed of your computer and the number of files that you have. Please do not browse away from this page unless you intend to abort the scan.
 
Downloading Scan for Viruses controls. Please wait...
 
During the download, you might see one or more messages asking if it is OK to download and run these programs. Click Yes when these messages appear.
 
Note: Scan for Viruses does not scan compressed files"
======================
 Trend Micro HouseCall  
     Rating  = 3
www.housecall.antivirus.com
"Trend Micro's free online virus scanner
In order to better serve our customers, we ask HouseCall users to register before scanning their computer.  By registering, you will receive virus alerts from our team of Virus Doctors. You will be able to unsubscribe when you receive your first email. You can also scan without registering"
http://housecall.antivirus.com/housecall/start_corp.asp
======================

PC Pitstop Virus Scan
Our free Web-based virus scan uses Panda Software's award-winning technology and virus list. We're checking against the "wildlist," the roughly 200 viruses that are most prevalent in the world in a given month
http://www.pcpitstop.com/antivirus/default.asp
0
 
CrazyOneCommented:
Also you really should have a virus scanner residing on your machine. Such as Norton or McAffee which both test out as being the top two virus scanners on the market and have them be running all the time.
0
 
Dave HoweSoftware and Hardware EngineerCommented:
Its certainly possible - hidden inside an installer *deliberately* it could be encrypted, compressed, or any combination of the two that appeals to the attacker (the 7z library for example offers AES encryption for compressed files; it would be trivial for an attacker to call that and make a trojan indetectable to AV software.

On the other hand, your AV should have a "real time" scanner, that detects a trojan being unpacked and deployed, and blocks it at the time it is installed. By definition, a compressed and encrypted trojan is no threat :)
0
 
SunBowCommented:
> is it possible the setup files can still contain malicious code which is dormant and only becomes activated after the install or setup file is launched?

Yes, that is easy to code, but not found all that often, the script kiddies can't do. So odds are that you can install and have no problem. Beware of products that do like MS and download parts of it from the web during install. Always scan after install, and backup before.

More than likely, the trojans you'll get are not virus but spyware, and the AntiVirus companines won't help with that a bit. Uninstalls don't work with those beasts.
0
 
GMartinAuthor Commented:
Hi Everyone:

      Thanks so much for sharing your time, insights, and expertise.  I especially appreciated the links to the free online virus scanners in addition to the tips.

      Have a great weekend everyone.

      George
0

Featured Post

The Firewall Audit Checklist

Preparing for a firewall audit today is almost impossible.
AlgoSec, together with some of the largest global organizations and auditors, has created a checklist to follow when preparing for your firewall audit. Simplify risk mitigation while staying compliant all of the time!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now