Archiving files for analysis
Antivirus applications such as Scan Guard encourage users to engage with the threat landscape and submit files for analysis. Specifically, these might be files that are believed to be viruses but that the antivirus hasn’t detected, or conversely, files that the antivirus deems a virus but that in fact aren’t.
On the Scan Guard Submit Files for Analysis webpage, we request that any file submission first be compressed (sometimes referred to as “archived” or “zipped”) and also password protected. Compressing a file and password protecting it encrypts the file, meaning it won’t be identified as malicious whilst in transit over email, nor will it be able to run on the receiving computer.
How to compress a file on Windows
In Windows, there isn’t a way to password-protect Zip files within the operating system itself. This means that you’ll need third-party software to accomplish the task. There are a few to choose from, with WinZip, WinRAR, and 7-Zip being some of the most popular. We’ll use the latter for this tutorial, as it’s free and does a sterling job.
There are versions for both 32-bit and 64-bit systems, so be sure to select the one that is appropriate for your PC. If you aren’t sure, use this online tool to check.
Once 7-Zip is installed, right-click the file to be compressed and select 7-Zip > Add to archive in the context menu.
Then, in the 7-Zip Properties window, enter and re-enter a password to encrypt the compressed file. If you are sending the file to Scan Guard for analysis, please use the password “infected”. Then click OK.
The file is then compressed, which typically takes only a few seconds, and the compressed file is created in the same folder as the original file.
How to compress a file on macOS
In macOS, it is easy to zip a file without using third-party software. Right-click on the file to be compressed and select Compress in the context menu.
Go to Finder, scroll down to Utilities and select Terminal from the folder. In the terminal window, type the following command and press enter:
(Please note that you need to enter the archive name of your choice as opposed to archivename.zip. You also need to enter the exact filename of the file to compress as opposed to filetocompress.xxx.)
After hitting enter, you will be prompted to enter a password, then re-enter the password. If you are sending the file to Scan Guard for analysis, please use the password “infected”. The compressed file will be created in the same folder location as the original file.
Let's look at that process with a real-world example. In the screenshot below, see the file called openvpn.pid.
Then in Terminal, let's look closely at that first command. See below where we’ve entered the compressed file name of compressedfile.zip and the actual file name openvpn.pid.
After pressing enter, a prompt comes up for the password. Please note here that while you enter the password, no characters show in Terminal.
Once completed, the compressed zip file can be found back in the original folder.