In one embodiment, a protected archive is checked for malicious content by checking a file size of the archive and/or examining the archive for notable characteristics indicative of malicious content. The notable characteristics may include values in a header of the archive. For example, the file name extension of a file contained in the archive and the compression method used to create the archive may be taken into account in determining whether the archive has malicious content, such as a worm or a virus. Embodiments of the present invention allow for detection of malicious content in the protected archive without necessarily having to extract files from the archive.

 
Web www.patentalert.com

< System state rollback after modification failure

> System and method for employing social networks for information discovery

~ 00474