Rar File - Risk?

[Guest]

So I downloaded some rar files that claim to be textbooks and I was just wondering if there's any risk involved here. I use Winrar and when I used Winrar to have a look inside, it only contains a txt file and a pdf file. I can't see how this would be risky considering that Winrar only saw/sees that there's just a pdf and txt file. Nothing like an exe file so I assume that I should be fine. Just checking to be sure. Thanks. 

[BoredErica]

AFAIK, PDFs themselves can be a vector for malware. Perhaps you could try opening it in a VM?

[Guest]

3 hours ago, Dark_wizzie said:

AFAIK, PDFs themselves can be a vector for malware. Perhaps you could try opening it in a VM?

Are you serious? How would that even work? 

[Guest]

3 hours ago, Dark_wizzie said:

AFAIK, PDFs themselves can be a vector for malware. Perhaps you could try opening it in a VM?

Would giving it a scan with MalwareBytes do anything? 

 

Gave it a scan and it didn't find anything. 

[Simon771]

Right click on it and scan with windows defender.

If nothing bad apperas, just extract it.

 

Why so paranoid?

I have downloaded thousands of weird looking files on my system and never had any problems.

[Guest]

3 hours ago, Simon771 said:

Right click on it and scan with windows defender.

If nothing bad apperas, just extract it.

 

Why so paranoid?

I have downloaded thousands of weird looking files on my system and never had any problems.

I don't have an option to scan with Windows Defender 

[Xanthe_2871]

While I'm not saying you shouldn't be cautious, in my experience the fake or bad ebooks are usually the ones being posted by the copyright owner in an attempt to find pirates/thieves, not viruses. To be frank, unless it's a popular work, it's probably not worth someone's time to infect it with a virus. 

 

Just my two cents.

[Simon771]

1 minute ago, IAmLamp said:

I don't have an option to scan with Windows Defender 

You do have anti-virus software on your PC right?

[Guest]

3 hours ago, Simon771 said:

You do have anti-virus software on your PC right?

Nice. There isn't a right click option to scan with it. 

[Simon771]

 

9 minutes ago, IAmLamp said:

Nice. There isn't a right click option to scan with it. 

I don't know what antivirus software you are using, but in most cases you right click on file and just select option to scan it.

If that doesn't work, go to your anti-virus software and manually show him location of file and force scan it.

[Guest]

3 hours ago, Simon771 said:

 

I don't know what antivirus software you are using, but in most cases you right click on file and just select option to scan it.

If that doesn't work, go to your anti-virus software and manually show him location of file and force scan it.

Defender didn't detect anything 

[Simon771]

1 minute ago, IAmLamp said:

Defender didn't detect anything 

Well in this case you can be 99,9% sure that there isn't any malware inside.

[Akolyte]

For the most part I wouldn't be worried, most PDFs exploit PDF readers through vulnerabilities and sometimes if you enable things like Macros which can allow the PDF to actually run code.  I don't think a VM is needed, that is so overkill and wastes time. Download sandboxie, cool program http://www.sandboxie.com/ it creates a sandbox (virtualizes) every program you run in it and can be cleared.  Meaning, if this your PDF executed malicious code it would be restricted to a virtual sandbox which can be cleared manually.  

 

Most of the time, these aren't to be worried about unless you pirated them. And I'm not saying I do anything but I sometimes get books online that my University uses in their higher computer science classes.  Not saying I do anything bad...  just saying I might download them in pdf form.., 

 

So, you should be fine. Use sandboxie as a precaution.  If it tries to download a file, put it in a vm and grab the file, send it to VirusTotal or submit it to AVG or something and get antiviruses to find it and put it on the radar.  It's like seeding on a torrent, you really should, because otherwise you are technically a terrible person.