I greatly appreciate the link to the virusscan.jotti.org link, and I use it frequently before installing a downloaded file. However, it fairly regularly advises me there are "run-time packers" and that the "sandbox emulation took a longer time than normal to run". This is even when all scanners report no malicious files. It even happens with some files that I am pretty sure should be clean.
It usually occurs with .exe type files. Are "packers" normally found in .zip files and/or .exe files? How serious should I take the presence of "packers" when all scans say the file seems to be clean?.
That's actually a good question - with no satisfactory answer.
You can be quite sure that e.g. Microsoft executables or libraries are not packed by any executable packer. The same would be true for many "big" applications (e.g. Adobe ones?). However, many authors use executable packers as some kind of protection (especially for shareware tools). Some people use rather paranoid packers (so that, for example, the program wouldn't run in presence of a system debugger) even for freeware stuff, no idea why.
So, you should be really suspicious if you find a DLL, named like a Microsoft one, in your system folder; on the other hand, it's rather common for shareware application executables. The "suspiciousness" also depends on the particular type of executable packer used.
