B.D. should be able to store password protected file's passwords for scans.

Rock.87

@Alexandru_BD answered to this thread here :
https://community.bitdefender.com/en/discussion/102777

The thread was closed before I could reply with a very important suggestion.

You stated that malware cannot originate from within password-protected archives and that Bitdefender's real-time protection would detect it as soon as it exits the protected archive.

However, if malware is indeed present within the protected archive, why would it remain dormant until the archive is unlocked? This poses a significant risk to the user.

When a Bitdefender user performs a system scan, they are typically connected to the internet, allowing Bitdefender to operate optimally. However, if the archive containing malware is opened offline or if Bitdefender is not installed or active on the user's PC, the user remains vulnerable and uncertain of their system's security.

Before uninstalling the product (even for reinstallation), the (b.d.) should issue a 'clean chit' to the user. This is crucial because malware within the installation archive could potentially activate during the uninstallation process, even if it's for a temporary reinstallation.

This is particularly important for trial users. If they encounter malware remnants on their system after uninstalling the product, it severely damages the company's reputation. Trial users expect a legitimate security solution and will not consider the product reliable if it leaves behind malicious code

There's also the possibility that the virus/malware might disguise itself as a password-protected file. If Bitdefender could store the passwords of files and use them during scans, it could potentially detect malware even when the stored passwords no longer work for the archived file. In such cases, Bitdefender could request the password from the user. If the user cannot provide the correct password, Bitdefender could flag the file as potentially malicious.

Alexandru_BD

Hello,

Unfortunately, this is not a suggestion that can be implemented, because Bitdefender (or any other security solution) is unable to unpack the contents of such items and scan them, hence the closure of the ideation thread.

Malware cannot actively originate from within password-protected archives because the files inside these archives are inaccessible and inert until they are extracted. Password-protected files encrypt their contents. The malware inside such an archive cannot execute because it remains encrypted and unreadable to the system or any running software until the archive is unlocked and the files are extracted. Malware requires an execution environment (e.g., being loaded into memory or executed by the operating system) to carry out its functions. While inside the archive, the file cannot execute because it is not in an actionable state.

When a file is extracted from the archive, the antivirus software's real-time protection scans the extracted file. At this point, if the file contains malware, it would be detected and blocked before it can execute. But like I mentioned previously, you would require the password to do this anyway and these files belong in most cases to legitimate software.

Regards