±Your Account
Membership:
New Today: 0
New Yesterday: 2
Overall: 24168
Visitors: 47±Latest Webinar
±Latest Articles
· Geo-tagging & Photo Tracking On iOS
· KS – an open source bash script for indexing data
· Mobile Device Geotags & Armed Forces
· Categorization of embedded system forensic collection methodologies
· Interpretation of NTFS Timestamps
· What are ‘gdocs’? Google Drive Data – part 2
· What are ‘gdocs’? Google Drive Data
· Bad Sector Recovery
· Forensic Artifact: Malware Analysis in Windows 8
· Windows 8: Important Considerations for Computer Forensics and Electronic Discovery
· KS – an open source bash script for indexing data
· Mobile Device Geotags & Armed Forces
· Categorization of embedded system forensic collection methodologies
· Interpretation of NTFS Timestamps
· What are ‘gdocs’? Google Drive Data – part 2
· What are ‘gdocs’? Google Drive Data
· Bad Sector Recovery
· Forensic Artifact: Malware Analysis in Windows 8
· Windows 8: Important Considerations for Computer Forensics and Electronic Discovery
±Follow Us
±Latest Jobs
Back to top
Skip to content
Skip to menu
Back to top
Back to main
Skip to menu
Go to page 1, 2 Next
Nope, no just one file. wondering how should i examine it if its corrupted or if it contains any viruses. Trying to understand more first before i start examing it.
it is just photos that have been compressed to zip file. When i try to open the file, a message is displayed saying that the file is corrupted. Want to find out what other approaches can i try to examine this zip file for further investigation. Any suggestions will be great to me, i'm just doing some research and hope to learn something new. Hope that clears it up.
Different approaches to examine a corrupted virus file?
Different approaches to examine a corrupted virus file?
Posted: Wed Nov 28, 2012 8:11 am
thread closed.
Last edited by hellopanda on Thu Nov 29, 2012 8:57 pm; edited 1 time in total
Last edited by hellopanda on Thu Nov 29, 2012 8:57 pm; edited 1 time in total
-
hellopanda - Newbie
Re: Different approaches to examine a corrupted virus file?
Posted: Wed Nov 28, 2012 9:08 am
Do you have a non-infected file to compare it to?
-
alastairfay - Member
Re: Different approaches to examine a corrupted virus file?
Posted: Wed Nov 28, 2012 9:33 am
- alastairfayDo you have a non-infected file to compare it to?
Nope, no just one file. wondering how should i examine it if its corrupted or if it contains any viruses. Trying to understand more first before i start examing it.
-
hellopanda - Newbie
Re: Different approaches to examine a corrupted virus file?
Posted: Wed Nov 28, 2012 9:37 am
More info is needed...what type of file is it, how is it infected, and how is it corrupted?
There's a difference in approaches between an EXE or DLL file that is infected via a file infector, and a document that includes potentially malicious executable code.
There's a difference in approaches between an EXE or DLL file that is infected via a file infector, and a document that includes potentially malicious executable code.
-
keydet89 - Senior Member
Re: Different approaches to examine a corrupted virus file?
Posted: Wed Nov 28, 2012 10:43 am
- keydet89More info is needed...what type of file is it, how is it infected, and how is it corrupted?
There's a difference in approaches between an EXE or DLL file that is infected via a file infector, and a document that includes potentially malicious executable code.
it is just photos that have been compressed to zip file. When i try to open the file, a message is displayed saying that the file is corrupted. Want to find out what other approaches can i try to examine this zip file for further investigation. Any suggestions will be great to me, i'm just doing some research and hope to learn something new. Hope that clears it up.
-
hellopanda - Newbie
Re: Different approaches to examine a corrupted virus file?
Posted: Wed Nov 28, 2012 10:59 am
What tools are you using to try to open the zip file?
Have you examined the zip file with a hex editor to see if it really is a zip archive?
Have you examined the zip file with a hex editor to see if it really is a zip archive?
-
keydet89 - Senior Member
Re: Different approaches to examine a corrupted virus file?
Posted: Wed Nov 28, 2012 7:52 pm
A message during extraction from an archive that the file was corrupted would tend to me to indicate that the archive file was broken, not that a file had a virus.
Broken archive: corruption
Virus file: infection
The terminology you're using doesn't match your stated issue.
Is Windows / Winzip reporting the corruption? If it's infected, I'd expect to see that error from your AnitVirus software.
_________________
Tony Patrick, B. Inf Tech, CFCE
www.patrickcomputerfor...s.com/blog
www.twitter.com/Patrick4n6
Broken archive: corruption
Virus file: infection
The terminology you're using doesn't match your stated issue.
Is Windows / Winzip reporting the corruption? If it's infected, I'd expect to see that error from your AnitVirus software.
_________________
Tony Patrick, B. Inf Tech, CFCE
www.patrickcomputerfor...s.com/blog
www.twitter.com/Patrick4n6
-
Patrick4n6 - Senior Member