I've tested KAV 5 Personal on some archives and found: 1. The archive depth that KAV could penetrate differs from your 'Protection Level' settings. With Recommended Level, KAV won't detect a eicar contained in a zip archive, which was contained in an self-extract rar archive, something like this: EICARTEST.exe\eicar2.zip\eicar.zip\eicar.com But with Maximum Protection Level, those could be detected. Anyway, I see no explanation nor detailed settings upon the depth of archive to be detected with different protection level. Don't know the limit depth. 2. KAV's Brute-force ability. I've tried to compress some virus into a rar archive which was protected with password '1234'. KAV was able to detect them inside the password protected rar archive without asking me for password(Maximum Level used, and 'Don't ask for password' checked). Then I changed the password to 12345, and the virus still could be detected. Then I tried password much more complicated, and this time after a long pause(about 10 secs on my Centrino 1.5G), KAV reported no virus was found. It seems that during the long pause, KAV was busy trying to guess the password of your archive in a Brute-force manner. That's very interesting.