question about ESET NOD32 and RAR

Discussion in 'ESET NOD32 Antivirus' started by Galaxykiss, May 26, 2008.

Thread Status:
Not open for further replies.
  1. Galaxykiss

    Galaxykiss Registered Member

    Joined:
    Mar 23, 2007
    Posts:
    167
    Location:
    China
    Hello,Eset moderator and fans.
    As we know , ESET nod32 can detect the virus in the RAR file. Somehow,there are something which I don't understand.
    If i download a infected rar file from a static web page, eset can block the file inmediately. But if the webside is a active web page, like forum, the infected rar file can easily slip into my computer after i downloaded it.(all neccesary options like high heuristic have been selected)
    why eset can't also block that kind of rar subject?
    someone told me that it's because the SSL has coded the rar,so that eset can do nothing with it.
    is it true?
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,375
    If the connection is secured (encrypted), then the data stream is meaningless to the web protection. The files would be scanned by the real-time protection upon extraction.
     
  3. Galaxykiss

    Galaxykiss Registered Member

    Joined:
    Mar 23, 2007
    Posts:
    167
    Location:
    China
    Someone told me that once ESET said:

    if IMON catch malicious code or not is not connected with web page
    source or technology (php, asp or etc.) but with protocol, that is used
    to download. If it is SSL of any other encrypted protocol, then IMON
    NEVER catch a virus. Keep eye on this please.


    Dose the attachment in forum use the different protocol with other webside so make eset miss it in IMON?

    And does webside like forum or BBS use SSL? someone told me forum can't use SSL and why other antivirus can detect the attachment but eset can't do the same thing.
     
Thread Status:
Not open for further replies.