fxtreme 0 Posted June 27, 2020 Share Posted June 27, 2020 (edited) I am using eset internet security, and it is not detecting the amtso drive by download test Edited June 27, 2020 by fxtreme Link to comment Share on other sites More sharing options...
Administrators Marcos 4,919 Posted June 28, 2020 Administrators Share Posted June 28, 2020 It seems the website doesn't actually initiate the download of the test file eicar.com. Try downloading it from here: http://2016.eicar.org/download/eicar_com.zip If detected, web access protection works alright. Link to comment Share on other sites More sharing options...
itman 1,629 Posted June 29, 2020 Share Posted June 29, 2020 On 6/28/2020 at 3:47 AM, Marcos said: Try downloading it from here: http://2016.eicar.org/download/eicar_com.zip Actually, that's the zipped version. Both HTTP and HTTPS eicar.com versions can be downloaded here: http://2016.eicar.org/85-0-Download.html . In any case, Eset detects both on attempted download. Looks like there is a problem - again - with the AMTSO test download web site. Link to comment Share on other sites More sharing options...
JitzyJT 1 Posted August 1, 2020 Share Posted August 1, 2020 On 6/28/2020 at 1:17 PM, Marcos said: It seems the website doesn't actually initiate the download of the test file eicar.com. Try downloading it from here: hxxp://2016.eicar.org/download/eicar_com.zip If detected, web access protection works alright. On 6/29/2020 at 6:25 PM, itman said: Actually, that's the zipped version. Both HTTP and HTTPS eicar.com versions can be downloaded here: hxxp://2016.eicar.org/85-0-Download.html . In any case, Eset detects both on attempted download. Looks like there is a problem - again - with the AMTSO test download web site. To add to this ESET doesn't block the download if it's done through internet download manager. The file downloaded successfully and then the file detection cleaned it up from the downloads folder. I also tried going here and downloading from all four https versions of the file and then again the both zip files got downladed via idm but the threat was detected by eset with a notification. The file got downloaded and it is a concern. Can you guys also test this out in Google Chrome with latest idm installed? PS : The file was blocked when I tried downloading without idm. Eset Internet Security : 13.2.16.0 (64bit) Google Chrome : 84.0.4147.105 (64bit) Internet Download Manager : 6.38 build 2 Thank you Link to comment Share on other sites More sharing options...
Administrators Marcos 4,919 Posted August 1, 2020 Administrators Share Posted August 1, 2020 Web access protection cannot scan files downloaded through download managers. Downloaded files will be scanned by real-time protection or upon extraction from an archive. Link to comment Share on other sites More sharing options...
JitzyJT 1 Posted August 2, 2020 Share Posted August 2, 2020 (edited) 10 hours ago, Marcos said: Web access protection cannot scan files downloaded through download managers. Downloaded files will be scanned by real-time protection or upon extraction from an archive. Thank you @Marcos But when I tried downloading from AMTSO all files were blocked by ESET even if the download was initiated by IDM. But if I download the eicar zip file from the official page ESET doesn't block the download through idm. ESET blocked the page but not the download from the eicar official page. But it did block the download from AMTSO. This is what I'm getting into. If it's by nature that ESET functionality is to not block downloads done through download managers then it shouldn't work for any websites. I believe it's because the eicar test file downloaded from the official page have SSL encryption and AMTSO doesn't? Edited August 2, 2020 by JitzyJT Link to comment Share on other sites More sharing options...
Administrators Marcos 4,919 Posted August 2, 2020 Administrators Share Posted August 2, 2020 1, In the list of SSL/TLS filtered applications change "auto" to "scan" for idman.exe: 2, In IDM setup, you may need to change the max. connections number to 1: Link to comment Share on other sites More sharing options...
JitzyJT 1 Posted August 2, 2020 Share Posted August 2, 2020 (edited) 2 hours ago, Marcos said: 1, In the list of SSL/TLS filtered applications change "auto" to "scan" for idman.exe: Thanks again @Marcos That did it. I changed the scan action of IDM from "auto" to "scan" and ESET blocked it straight way. Tried with Chrome, Firefox, Edge Chromium (with microsoft store idm extension) and Brave browser. ESET blocked the download on all four browsers. As for limiting the connections which I didn't have to do anyway so I'm leaving it as it is. I'll keep looking if it'll happen again after changing the setting. Thank you for now!!! Edited August 2, 2020 by JitzyJT Aryeh Goretsky 1 Link to comment Share on other sites More sharing options...
Administrators Marcos 4,919 Posted August 2, 2020 Administrators Share Posted August 2, 2020 1 hour ago, JitzyJT said: As for limiting the connections which I didn't have to do anyway so I'm leaving it as it is. If you don't do that bigger files downloaded in chunks will not be scanned. It was not a problem with eicar since it's a tiny file which is downloaded at once. Link to comment Share on other sites More sharing options...
SeriousHoax 83 Posted August 2, 2020 Share Posted August 2, 2020 57 minutes ago, Marcos said: If you don't do that bigger files downloaded in chunks will not be scanned. It was not a problem with eicar since it's a tiny file which is downloaded at once. I think he wouldn't want to change the number of maximum connection as changing this in a way makes the use of IDM obsolete. Link to comment Share on other sites More sharing options...
Administrators Marcos 4,919 Posted August 2, 2020 Administrators Share Posted August 2, 2020 IDM supports scanning of downloaded files with a command-line on-demand scanner. It's possible to use ecls for this purpose: Aryeh Goretsky 1 Link to comment Share on other sites More sharing options...
Recommended Posts