• Visitors can check out the Forum FAQ by clicking this link. You have to register before you can post: click the REGISTER link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. View our Forum Privacy Policy.
  • Want to receive the latest contracting news and advice straight to your inbox? Sign up to the ContractorUK newsletter here. Every sign up will also be entered into a draw to WIN £100 Amazon vouchers!
Collapse

You are not logged in or you do not have permission to access this page. This could be due to one of several reasons:

  • You are not logged in. If you are already registered, fill in the form below to log in, or follow the "Sign Up" link to register a new account.
  • You may not have sufficient privileges to access this page. Are you trying to edit someone else's post, access administrative features or some other privileged system?
  • If you are trying to post, the administrator may have disabled your account, or it may be awaiting activation.

Previously on "help please = pdf.zip"

Collapse

  • stek
    replied
    Originally posted by Sysman View Post
    My standard practice is to use command line unzip to list the contents of zipfiles (unzip -l), even those from a so-called trusted source, before extracting them. I like to know what I'm putting onto a system.
    Also on Unix and their clones such as Linux you can do 'file' on it - it will tell you what type of file it is;

    Code:
    sh-3.2# file *
    ABOUT-NLS:                ASCII English text
    CHANGES:                  ASCII English text
    COPYRIGHT:                ASCII English text
    Hercules.dsp:             ASCII English text
    Hercules.dsw:             ASCII text
    Hercules.sln:             UTF-8 Unicode (with BOM) text
    Hercules.vcproj:          XML document text
    Hercules.vcxproj:         XML document text
    Hercules.vcxproj.filters: XML document text
    Hercules.vcxproj.user:    XML document text

    Leave a comment:


  • SarahL2012
    replied
    Just catching up with this thread. I think it's fair to say their IT knowledge is limited to Outlook - & even that got stressful when it decided to put a reading pane in the 'wrong' place. I ran one of the free virus checks recommend (thanks!) & all showed up clear luckily.

    One of the other volunteers helps with their web page & I'm going to see whether he can have a look at their desktop too. They were lucky this time & I'd rather make sure everything is ok before they brave internet banking.

    Leave a comment:


  • Sysman
    replied
    Originally posted by PerfectStorm View Post
    Whilst that's certainly very cautious, bar a few very extreme examples there's nothing wrong with opening a zip to see what the content file is.
    My standard practice is to use command line unzip to list the contents of zipfiles (unzip -l), even those from a so-called trusted source, before extracting them. I like to know what I'm putting onto a system.

    Leave a comment:


  • PerfectStorm
    replied
    Originally posted by Platypus View Post
    If it's a zip. Beware exe's masquerading as Zips
    Absolutely. So not including honestguv.zip.exe in my advice

    Leave a comment:


  • Platypus
    replied
    Originally posted by PerfectStorm View Post
    Whilst that's certainly very cautious, bar a few very extreme examples there's nothing wrong with opening a zip to see what the content file is.
    If it's a zip. Beware exe's masquerading as Zips

    Leave a comment:


  • PerfectStorm
    replied
    Originally posted by cojak View Post
    Do not open any *zip file from an email address you don't recognise.

    End of.

    *Or any file for that matter.

    My spam filter is set to 'junk' for any .zip file. I look and review regularly in case i recognise the name, but if I did I would contact the user to tell them that I don't accept unsolicited .zip files and that they should alert me before sending them.

    Whilst that's certainly very cautious, bar a few very extreme examples there's nothing wrong with opening a zip to see what the content file is.

    Leave a comment:


  • cojak
    replied
    Originally posted by PerfectStorm View Post
    See if you can get hold of the original email and open the zip. From there you'll be able to see the file extension of the actual file contained, which will tell you whether it's worth opening or not. Something benign like a word doc, text file or other PDF should be OK, but something executable then I woudn't.

    Cue: "IT MIGHT STILL BE A VIRUS!!"
    Do not open any *zip file from an email address you don't recognise.

    End of.

    *Or any file for that matter.

    My spam filter is set to 'junk' for any .zip file. I look and review regularly in case i recognise the name, but if I did I would contact the user to tell them that I don't accept unsolicited .zip files and that they should alert me before sending them.

    Leave a comment:


  • PerfectStorm
    replied
    See if you can get hold of the original email and open the zip. From there you'll be able to see the file extension of the actual file contained, which will tell you whether it's worth opening or not. Something benign like a word doc, text file or other PDF should be OK, but something executable then I woudn't.

    Cue: "IT MIGHT STILL BE A VIRUS!!"

    Leave a comment:


  • TheFaQQer
    replied
    Originally posted by sal View Post
    Agree on the first part, As for the Linux, if their level of computer expertise is low enough to not know how to clean nasties, Linux learning curve will be too much. Not to mention it will further limit their ability to get help from others, as most help desk types are mostly Windows.

    One additional step is to use online scanners like Free Virus Scan | Online Virus Scanner from ESET just to triple check.

    Also if they have another PCs connected to the same network make sure to check all of them as well.
    I don't see a learning curve with Linux Mint, apart from remembering that it's Libre Office rather than MS Office.

    If my parents can cope, I'm pretty sure most people could.

    Leave a comment:


  • sal
    replied
    Originally posted by TheFaQQer View Post
    I would use both - Avast for ongoing protection (and also an initial scan), and malwarebytes to check for other nasties.

    Depending on what they actually need a computer for, given this level of mistake, I would actually look at Linux Mint (which does pretty much everything that a "normal" user would need) since your chances of viruses are much lower - I get sent .exe files in my emails which Linux just bins for me.
    Agree on the first part, As for the Linux, if their level of computer expertise is low enough to not know how to clean nasties, Linux learning curve will be too much. Not to mention it will further limit their ability to get help from others, as most help desk types are mostly Windows.

    One additional step is to use online scanners like Free Virus Scan | Online Virus Scanner from ESET just to triple check.

    Also if they have another PCs connected to the same network make sure to check all of them as well.

    Leave a comment:


  • cojak
    replied
    Originally posted by Platypus View Post
    Hate to pick holes Cojak, but it's going to be hard to download Malwarebytes if it's not plugged in. So if I may,

    (1) Delete the email. If by any stroke of luck they couldn't / didn't open it, you might be ok,
    (2) Then download Malwarebytes. Resist the offers of trying the premium version, because if you do, it won't run after 28 days when the premium trial expires.
    (3) Proceed as per other comments
    Quite right Platypus,

    But Sarah isn't going to get there until this afternoon. I was simply thinking about them putting the machine offline until she got there.

    Leave a comment:


  • DannyF1966
    replied
    Ideally you want to download Malwarebytes from a clean PC that's connected to the internet, then copy it to a USB stick and install it from there onto the (non-internet-connected) PC you want to check.

    Leave a comment:


  • TheFaQQer
    replied
    Originally posted by cojak View Post
    I use Avast Dave, but I thought that Malwarebytes was the D's B's for cleaning PCs?
    I would use both - Avast for ongoing protection (and also an initial scan), and malwarebytes to check for other nasties.

    Depending on what they actually need a computer for, given this level of mistake, I would actually look at Linux Mint (which does pretty much everything that a "normal" user would need) since your chances of viruses are much lower - I get sent .exe files in my emails which Linux just bins for me.

    Leave a comment:


  • Platypus
    replied
    Originally posted by cojak View Post
    <Sigh>

    First tell them to unplug their computer from the internet, to stop things from getting worse.

    Then use this.
    https://www.malwarebytes.org/

    Then get them to read this (ALL staff!).
    General Online Safety Resources | StaySafeOnline.org

    I'm sure more tech savvy regulars will be able to give you detailed help...
    Hate to pick holes Cojak, but it's going to be hard to download Malwarebytes if it's not plugged in. So if I may,

    (1) Delete the email. If by any stroke of luck they couldn't / didn't open it, you might be ok,
    (2) Then download Malwarebytes. Resist the offers of trying the premium version, because if you do, it won't run after 28 days when the premium trial expires.
    (3) Proceed as per other comments

    Leave a comment:


  • cojak
    replied
    Come back later if you need more help, we'll try and advise.

    (And give us their name, I'm sure there's a bit of spare cash lurking down my sofa...)

    Leave a comment:

Working...
X