cancel
Showing results for 
Search instead for 
Did you mean: 

Getting legitimate .exe files past the virus checker

N/A

Getting legitimate .exe files past the virus checker

I have several people who regularly need to send me exe attachments. The virus checker has recently started blocking them. I can see there's good reason for that but I'd rather not have to bother support with a ticket every time need to get a file out of quarantine (or is it handled by robot? - in which case I'd feel better about it)

I've tested the system with a small, legitimate exe and it can't be fooled by renaming, zipping or both. Password-locking the zip gets around the exe issue, but then it gets blocked for being a locked zip.

I have managed to send myself the test file by obtaining a digital certificate and encrypting the whole message, but I can't really ask each of my contacts to do that.

Is there a simple way around this without having to opt out of the virus checker all together?

If not, are there any plans to introduce a whitelist facility or to automate getting files from quarantine?
31 REPLIES
Ravinella
Grafter
Posts: 35
Registered: 30-07-2007

Getting legitimate .exe files past the virus checker

Not sure what Plusnet are using for virus checking but I know that when we setup a new mail server at work using Amavisd-new/clamav/spamassassin it was a little over agressive in blocking things.

It's not fun to get it in the kneck from your managing director when he discovers that the .exe key file for your companies major insurance quoting engine is getting bounced back to Norwich Union because of it. Shockedops:
N/A

Getting legitimate .exe files past the virus checker

why cant you just change the extension to .exe1 or just zip/rar it up temporaraly
csogilvie
Grafter
Posts: 5,852
Registered: 04-04-2007

Getting legitimate .exe files past the virus checker

Zipping it won't work - it still blocks it due to the EXE in the zip file, usefully :roll:
N/A

Getting legitimate .exe files past the virus checker

Quote
Zipping it won't work - it still blocks it due to the EXE in the zip file, usefully :roll:

Zipping the .ZIP might work then. Simple enough, but admittedly an unwanted pain.
wheelnut
Grafter
Posts: 102
Registered: 01-08-2007

Getting legitimate .exe files past the virus checker

Even easier just rename to something like *.txt or *.doc and rename back at the other end. Of course there are the types of dedicated 100% virus blockers that do not allow attachments at all so that kind of blocks sending any type of file completely - your only route is then to use a http or ftp server or upload it to a third party server.
N/A

Getting legitimate .exe files past the virus checker

Even, even easier. Go into services and turn off anti-virus protection in your member centre!

Cheesy

Jake
N/A

Getting legitimate .exe files past the virus checker

Thanks - but Jake's suggestion is the only one up to now that would work and I'd rather not opt out altogether - though I am on the verge of resorting to that.

As I said in the original post, renaming and zipping don't fool the virus checker - It still refuses the file. To be clear... I picked a small .exe from my machine so as not to waste bandwidth, and tried sending it as
test.exe
renamed as test.foo
test.zip containing (test.exe)
test_.zip containing (test.foo)
All were blocked.

Yes, I could get the sender to ftp or http, but they are not techie types. An easier route would be for them to send it to another of my accounts which isn't protected - but even that might confuse them Wink
N/A

Getting legitimate .exe files past the virus checker

... and to pre-empt the next suggestion, I've just repeated the experiment with test.foo encased in a .rar archive - which also got blocked. I have to admire the checker's thoroughness, even though it's causing me problems.
N/A

Getting legitimate .exe files past the virus checker

did you try putting the Exe in a Zip, and that Zip in a ZIP. or teh same with RARs. what about soem other compression system? Zip7?
Community Veteran
Posts: 38,305
Thanks: 971
Fixes: 57
Registered: 15-06-2007

Getting legitimate .exe files past the virus checker

Have you tried putting it in a password protected zip. This used to foil the virus checkers.
N/A

Getting legitimate .exe files past the virus checker

Aren't you people listening to this man?

He wants something simple for his "non-techie" friends! They arent going to want to zip and zip again, but a certificate on and then a password.

I think you are going to be forced to opt out of AV if you want to recieve these files or get them sent to an alternative address.

Jake
N/A

Getting legitimate .exe files past the virus checker

I'm having the same problem too, trying to send an exe file to another plusnet user, have zipped rared, renamed, still the same - rejected!

The addressee can get the file but has to raise a ticket :-(
Why have this as the standard option ??

Wayne
N/A

Getting legitimate .exe files past the virus checker

Gave up in the end and had to put it on my website, not exactly the easiest of options Cry
N/A

Getting legitimate .exe files past the virus checker

Like Jake says - I'm after a not-too-techie solution, but for sake of completeness I just tried the suggestions of a zipped zip and a zipped rar and both failed. I haven't got a zip7 utility to hand (so I suspect the senders might not either) but I get the impression that if the virus checker can't check it, it will assume the worst - as per my password protected zip experiment.

Fun though this game has become Wink I'm not going to try any more combinations. Where appropriate I'll ask the senders to use my alternative address or raise a ticket each time.

I don't get much virus traffic, but PlusNet does catch a few every week for me. I like to think I have the sense not to open suspicious messages and I have AVG running locally, but I don't want to switch off the protection because that's defeatist and I suppose I'm a bit stubborn - I don't like to think the virus writers are getting the upper hand. I'd imagine the men in white hats will come up with a convenient workaround in a few weeks.

It's a shame if the virus checker has to be circumvented in any way (whether by renaming, zipping, switching off, whitelisting or just accepting the file from quarantine) because it is executable attachments from non-techie senders that I suspect are the biggest danger - and I'd quite like the rest of the virus checker's functionality to take a look at the contents of the file.

Thanks for your time and do please post if you get an exe through successfully.