Level12 zip files / recursive analysis ?

Discussion in 'ESET NOD32 Antivirus' started by Philippe_FR22, Feb 4, 2008.

Thread Status:
Not open for further replies.
  1. Philippe_FR22

    Philippe_FR22 Registered Member

    Joined:
    Sep 6, 2007
    Posts:
    249
    Hello,

    Just one question : is a EAV is able to detect level12 zip files containing infected files ? If yes, what is the maximum level ? Is the analysis recursive ?

    Thks for answers
    Phil
     
  2. ASpace

    ASpace Guest

    In real-time EAV/ESS doesn't scan archives , just upon extract . AFAIK , the maximum level is 10 . Everything else is simply testing and unnecessary to detect because noone in real life would pack something 5 times , even 12 times
     
  3. Philippe_FR22

    Philippe_FR22 Registered Member

    Joined:
    Sep 6, 2007
    Posts:
    249
    Hello, Are you sure ? I will check using this link.
    http://securite-informatique.info/virus/eicar/

    But if I good remember, EAV catches the file before being downloaded (thus real time engine) until level 10...
     
  4. Philippe_FR22

    Philippe_FR22 Registered Member

    Joined:
    Sep 6, 2007
    Posts:
    249
    Yes Ok, regarding this link, it's true, no real time engine cought eicar10.zip...
     
  5. jimroe

    jimroe Registered Member

    Joined:
    Feb 9, 2008
    Posts:
    9
    Location:
    Northwest Pennsylvania
    Actually I just tested this and BitDefender caught everything up through and including eicar13.zip.
     
  6. Darth AkSarBen

    Darth AkSarBen Registered Member

    Joined:
    Feb 4, 2008
    Posts:
    109
    Location:
    Near Fennville, MI USA
    On my computer running Avat! 4.7 it caught the zip files all the way up through 30 with that rar and exe file.
     
  7. techtype

    techtype Registered Member

    Joined:
    Nov 1, 2006
    Posts:
    80
    Kaspersky catches everything also.
     
  8. Darth AkSarBen

    Darth AkSarBen Registered Member

    Joined:
    Feb 4, 2008
    Posts:
    109
    Location:
    Near Fennville, MI USA
    But even if something like a real virus came in with a zip file, don't you need some sort of opening and unpacking of the zip before it becomes a real problem? Like a rattlesnake egg just waiting to hatch, but needs your prodding to open it up. Else it just lies there. (Just an illustrations, not the way rattlesnake eggs work.;)
     
Thread Status:
Not open for further replies.