Jump to content

ecls in winrar


fidelius2
 Share

Recommended Posts

Hello, One of my OS is Windows 7 64 bits and I use the latest Winrar x64.

 

I have integrated ECLS.EXE in order to scan an archive. Here is the command line :

"C:\Program Files\ESET\ESET NOD32 Antiviru\ecls.exe" /base-dir="C:\Program Files\ESET\ESET NOD32 Antivirus" /log-file=c:\temp\ECLS.TXT /log-rewrite /log-console /aind /no-boots /mail /arch /sfx /rtp /adware /unsafe /unwanted /heur /adv-heur /clean-mode=delete /no-quarantine It seems to extract the archive but it returns this error message : impossible to execute ecls

Note this does not happen under Windows XP.

 

Thank you for your help.

Edited by fidelius2
Link to comment
Share on other sites

My question is why are you using ECLS to scan a WinRAR archive in the first place?

 

The realtime ThreatSense scanner will scan archives w/o issue. If you have any doubts, you can test it here: hxxp://www.amtso.org/feature-settings-check-download-of-compressed-malware/ to ensure you have ThreatSense properly configured.

Link to comment
Share on other sites

The link you give is the EICAR test.

I want to understand why ecls in winrar works well in Windows XP but cannot be executed in Windows 7. Maybe it is related to administrator account ?

Link to comment
Share on other sites

The link you give is the EICAR test.

The AMTSO compressed malware tests do use the EICAR test virus string. This is done since virtually all AV vendors support detection of the EICAR test for operational validation purposes.

 

If an AV solution is able to detect the EICAR string in the download process used by the various AMTSO compressed malware tests, you can be assured that their real-time signature/hueristic detection processing is functioning properly. The default setting in Eset for "on file creation" is to scan the file using all available ThreatSense real-time options. I believe archives are scanned to 10 levels deep.

 

This is the proper way for compressed file downloads to be scanned; at time of file creation. Waiting to scan a download until a command line ECLS scan can be run increases your risk for malware infection. Also, Eset's real-time scanning protects files created by means other than Internet download such as coping of files from an external storage device.

Edited by itman
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...