.zip, .rar files and Antivirus [Archive]

View Full Version : .zip, .rar files and Antivirus

Zyrtec

September 7th, 2009, 08:25 PM

Hi everybody,

I have several questions: I know there are some AVs that have an option to scan within .zip, .rar archives upon downloading these from the Internet whereas there are other AVs that lack this option or it has to be enabled because it's not the default setting.

My questions: how conveinent is having this feature in a given AV software?
[Examples: Symantec AV Corp doesn't seem to have it, but McAfee Enterprise appears to have it although disabled by default , KAV doesn't have it enabled by default nor Avira AV Premium. However Eset NOD32 has it enabled on default settings]

Any particular reason why some AVs don't have this feature enabled? Having it enabled makes your PC safer or not? If you download something that happens to be a threat but it's zipped, would it damage your computer just by sitting there un-extracted or you have to extract it in order to execute?

How about resource usage by your AV software having this feaute enabled, would it be higher than usual?

Thanks in advance for your answers

Kind regards,

Carlos

bollity

September 8th, 2009, 04:22 AM

when scanning rar and zip files enabled in real time this will slow down computer specially with big compressed files.
and viruses compressed in a rar and zip files can't do any damage unless it decompressed and executed.

lodore

September 8th, 2009, 06:45 AM

no need to scan archives in realtime. once the files are unpacked they will be detected by the realtime av. even if you enable the archive option in kaspersky the standard is to not scan any archive bigger than 8mb in realtime.
if you try to enable the scan archive in realtime in sophos or drweb they will asks you if you really want to enable tit since it will use more resources but wont really give any extra protection.

1boss1

September 8th, 2009, 07:49 AM

-{ Quote: "
[Examples: Symantec AV Corp doesn't seem to have it, but McAfee Enterprise appears to have it although disabled by default , KAV doesn't have it enabled by default nor Avira AV Premium. However Eset NOD32 has it enabled on default settings]
" }-

NIS09 has it on, they also have a setting for it which says:

-{ Quote: "
Limit Data Extraction

You can turn on this option if you want Norton Internet Security to extract and scan a maximum of 2-GB data from a compressed file. This way, Limit Data Extraction prevents the scan from being stuck up with a single compressed file that contains a large amount of data.

" }-

This is to still provide archive scanning, but at the same time limit the impact on performance. Personally i just leave it off.