Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!zaphod.mps.ohio-state.edu!wuarchive!uunet!stanford.edu!agate!e260-1e.berkeley.edu!c60b-1eq
From: c60b-1eq@e260-1e.berkeley.edu (Noam Mendelson)
Newsgroups: comp.binaries.ibm.pc.d
Subject: Re: LHA212JP.EXE .lzh archiver at garbo.uwasa.fi
Keywords: japan lha
Message-ID: <1991Apr24.193210.11644@agate.berkeley.edu>
Date: 24 Apr 91 19:32:10 GMT
References: <1991Apr23.113026.2657@unlinfo.unl.edu> <jochenw.672412891@ikki> <groot.672485960@baukje.idca.tds.philips.nl>
Sender: root@agate.berkeley.edu (Charlie Root)
Followup-To: comp.sys.ibm.pc.misc
Organization: University of California, Berkeley
Lines: 21

In article <groot.672485960@baukje.idca.tds.philips.nl> groot@idca.tds.philips.nl (Henk de Groot) writes:
>About SFX files:
>What is the problem with selfextracting files <-> virusses? You can scan the
>SFX file with a good virus scanner (like F-PROT) and than run it! The 
>resulting files may be contaminated but you have the same result with 
>running an unpacker on an arbitrary archive. If you fear for unknow viruses
>(i.e. not recognized by the scanner) who proves that your unpacker is
>not contaminated or that the software inside the archive is not. The only
>way to be save is not to get files from an anywhere.

You could run a virus scanner on the self-extracting file, but why not
take the easier (and safer) approach of unpacking them directly?
As for the files inside, you're pretty much on your own.
This newsgroup is the wrong place for this discussion, so I suggest that
follow-ups be posted to comp.sys.ibm.pc.misc or an appropriate group.

-- 
+==========================================================================+
| Noam Mendelson   ..!ucbvax!web!c60b-1eq       | "I haven't lost my mind, |
| c60b-1eq@web.Berkeley.EDU                     |  it's backed up on tape  |
| University of California at Berkeley          |  somewhere."             |