Jump to content
Sign in to follow this  
conslider

real time protection

Recommended Posts

hi guys ,im doing a av comparatives test on my own. I see that kaspersky doesnt detect zipped viruses in real time protection , but detects them in on demand scan. Is this the way kaspersky av works? or do i need to set any option do detect zipped viruses?

Share this post


Link to post

I had the same prob with testing around with the EICAR .... no realtime detection when it's included in a ZIP-File !!

 

When i depack the ZIP it's directly detected but not when downloading the ZIP !

 

Who can explain this please ?!?

Share this post


Link to post

scaning archives (ala zip) uses alot of system resources, specialy if the zip file is large it can really slow down the system. beside this, as long as the malware is inside the zip it is safe and is not able to infect the system. thsi is why kav version 5 does not scan inside archives with the real time protection. however because alot of users and some magazine tests dont understand this and find it strange, there is the option to scan inside archives in the real time protection, in the new kav/kis2006.

Share this post


Link to post

...of course it make sense to me because of the system load but when i look e.g. at the Admin-Kit i see following:

 

post-1553-1133257225.jpg

 

If your description is correct (and i thin it is!) the description of the Realtime-Scanner is not verbalised corretly ;)

In this case it looks like that Kaspersky detects Viruses embedded in Zip, Rar, Arj ... when e.g. downloading them!!!

 

...and of course a Virus in a Zip etc. is not a harassment as long as it's detected by extraction and of course Kaspersky detect such files!

Share this post


Link to post

Self-extracting archives - I think that means exe's and the lot, not standard zipped files?

Share this post


Link to post

@SSK: you didn't read correctly, we discuss the PACKED FILES you can see in the screenshot and not the self-extraxt files (an Eicar in these are dectect by KAV)

Share this post


Link to post

ok a bit more from me :)

 

arvhives = zip, rar, ace,...

 

Self-extracting archives = also zip, rar, ace,... but have a special self-extracting function and because of this they are exe, and more dangerous then standard archivs

 

packed = upx, pecompact,... this are special program packagers and because of this they are also exe and more dangerosu then standard archives

Share this post


Link to post

i totally agree with you SASO but still wondering why e.g. the EICAR.ZIP is not detected even it's a small file and scanning time in real-time will be under 60sec what is the standard scanning time...

Share this post


Link to post
@SSK: you didn't read correctly, we discuss the PACKED FILES you can see in the screenshot and not the self-extraxt files (an Eicar in these are dectect by KAV)

It's easier if you mention what the important information in the screenshot is... :)

Share this post


Link to post
Sign in to follow this  

×
×
  • Create New...

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.