I tried to uncompress a zip file but I get error
“The compressed (zip) folder is invalid or corrupted”.Is it possible to get virus just by trying to uncompress the zip? Can zip extension be manipulated so it is not actually a zip file but a virus?
43 Answers
As Hack-R said in his answer, Zip files can contain viruses.
You cannot get a virus just by single clicking on a Zip file. Edit: It is technically possible, if you have single clicking to run a shortcut enabled. See the paragraph below.
Double clicking is a different story. If it was a real Zip file and it does contain infected files, you would not be subject to getting a virus unless you tried to execute the infected file. For example lets say you have a Zip file containing a virus, called virus.exe. Double clicking the Zip file would not infect you, but double clicking the virus.exe (and therefore, executing virus.exe) could cause you to get the virus.
There is one other scenario that could be a factor. It is not uncommon for unscrupulous people to fake a Zip file. Lets take virus.exe again for the example. Rename the virus.exe file to virus.zip.exe and you have the default setting in Windows Explorer of hide extensions of known file types, it would appear the file is called virus.zip. An unsuspecting user would think the file is a Zip file, even if it had the wrong icon. Double clicking it would execute the virus infected file.
3You can get 0wned by watching an image:
"Microsoft Windows GDI+ is vulnerable to a buffer overflow, caused by improper bounds checking. By persuading a victim open a specially-crafted TIFF image file, a remote attacker could exploit this vulnerability to overflow a buffer and execute arbitrary code on the system with privileges of the victim."
reference:
Code, executed with the same credentials that you as the users have. For example by using a browser or other builtin means to fetch data from the internets.
The same is true for other files-types. When you start a program (even that innocent looking unzip-program) and if that program is vulnerable for certain input .. then you might get whatever the attacker wants you to have.
That said: the chance is pretty low, allthough there is one.
.Zip and other compressed files can contain virii, trojans, and other malware -- in fact, it's rather common because putting the malware into a compressed archive is an easy way of bypassing your anti-virus/anti-malware software until the archive is decompressed.
Having said that, the error message you're showing si not a symptom of a virus or other malware. That's the standard error message you receive when a compressed archive is either corrupted (i.e. the file got damaged, such as if it's on a flash drive that was not ejected properly) or if it's incomplete (such as if an Internet download didn't fully complete).
2
