Download | Enterprise | Jetzt kaufen | Screenshots | Historie | Hilfe | How-to | Forum
License & Registration
Bandizip License Policy How to register Bandizip Bandizip Edition Comparison Bandizip MSE (Microsoft Store Edition) How to receive a receipt Refund Policy How to unregister Bandizip
Exclusive features of Bandizip Paid Edition
How to use the Password Manager How to use Repair Archive How to use the Password Recovery How to preview images in an archive with Bandizip How to use Antimalware Scan on Archive
Features & Technical Terms
How to zip files with Bandizip How to unzip files with Bandizip How to use Extract Here (Smart) How to split a large file into smaller files with Bandizip How to use Unicode filenames in ZIP format ZIPX archive format 7z archive format ZPAQ archive format Solid Compression How to open RAR files How to open ALZ and EGG files How to use Fast Drag and Drop How to use Multi-core Compression How to use High-speed Archiving How to modify an archive without decompression How to open a file in an archive without extraction How to edit a file and save it in an archive directly How to set a password for an archive How to encrypt filenames in archives How to move files to Recycle Bin (Trash) when deleting How to compress a file even when the file is used by another process How to use Parallel Extraction Expand folder tree automatically How to prevent data corruption by safe backup How to test an archive How to copy Zone.Identifier information for malware protection How to change the theme color for Bandizip How to export and import Bandizip settings How to uninstall Bandizip Update types Command Line Parameters Bandizip Setup Command Line Parameters Bandizip on Windows 10 on ARM
Troubleshooting
How to troubleshoot when I can’t register Bandizip How to troubleshoot when I can’t access the email account that I used to buy Bandizip How to troubleshoot when codepage auto-detection doesn’t work correctly How to troubleshoot when Bandizip opens archive files automatically when I download them on the browser How to troubleshoot when an icon for archives doesn’t appear properly in the File Explorer How to troubleshoot when a right-click menu (context menu) for Bandizip doesn’t appear How to troubleshoot when a right-click menu (context menu) for Bandizip isn’t displayed properly How to troubleshoot when the compression or decompression speed is too slow How to troubleshoot when Error 22 occurs and Mac Finder on Catalina can’t extract a ZIP archive How to troubleshoot when Mac Finder can’t extract an encrypted ZIP file How to use a non-alphabetic language character in a password How to test multiple archives How to troubleshoot “The parameter is incorrect.” How to troubleshoot when Bandizip conflicts with Sticky Notes How to troubleshoot when I can’t open an archive in a network mapped drive How to troubleshoot when a split archive can’t be decompressed How to troubleshoot when bdzsfx.x86.sfx is diagnosed as malware How to run Bandizip on Linux using Wine

How to use Antimalware Scan on Archive

Thanks to Antimalware Scan Interface (AMSI) from Windows 10, Bandizip provides a feature of antimalware scan on an archive, which can detect malware in the archive without decompression.

CAUTION

  • This feature is only available on Windows 10.
  • This feature performs the scan with the antivirus software already installed on the system.
  • This feature does not work if the real-time protection of Windows 10 is disabled.
  • This feature does not guarantee that it can detect malware in all types of archives.
  • On Bandizip Standard Edition, this feature scans only a file whose size is 1 MB or less among the files in the archive.

How to use

Open an archive with Bandizip and click Scan in the toolbar. You will be notified if any malware is detected.



About Antimalware Scan Interface (AMSI)

Taking countermeasures against malware is a very important issue in the PC environment. Microsoft has introduced Antimalware Scan Interface (AMSI) accordingly, a standard which allows software to call other Antivirus software (AV software) and perform a scan for malware.



Thanks to AMSI, the antimalware scan can be performed using only the content in memory and there is no need to store any infected files in storage. Bandizip scans an archive with AMSI and detects malware in the archive without decompression.

Learn more

  • Windows 10 to offer application developers new malware defenses
  • Windows Dev Center - Antimalware Scan Interface (AMSI)

AV Software supporting AMSI

AMSI is available on Windows 10, and Windows Defender which is a built-in antimalware component of Windows 10 supports AMSI as well. Even when you are using other third-party AV software, Bandizip can perform the antimalware scan using AMSI if the software supports AMSI.

The following AV software supports AMSI: (As of June 2021)

  • Windows Defender
  • Avast
  • Comodo
  • Kaspersky
  • McAfee
  • Sophos
  • ESET

If the third-party AV software which is installed on your system does not support AMSI, AMSI becomes disabled or fails to work properly, and Bandizip cannot perform the antimalware scan.

The following AV software does NOT support AMSI:

  • ALYac
  • Avira
  • eScan
  • Tachyon
  • Tencent PC Manager
  • ViRobot

Why does archiving software need to provide a feature of antimalware scan?

Most AV software can detect malware (such as viruses and ransomware) hidden in an archive. Because the AV software is not archiving software, however, the antimalware scan on an archive performed solely by AV software may fail in the following circumstances:

  • The archive is encrypted.
  • The archive is in an uncommon format.
  • The archive is compressed with an uncommon algorithm.
  • The AV software does not scan archives before decompression.

Archiving software such as Bandizip, which does specialize in handling archive files, can provide fast and accurate malware detection with a scan optimized for the characteristics of the archive.

Sample files for detection tests

The sample files below are not detected as malware by most AV software.

The following links provide detection results of the sample files from VirusTotal. You may find that the sample files are hardly detected as malware by AV software.

  • 1.eicar.com.zpaq
  • 10.eicar(password-is-password).zip
  • 20.eicar.com.txt.lz
  • 21.eicar.com(xz).zip
  • 22.eicar.tar.xz

NOTE

The samples provided in the links are EICAR test files and NOT actual malware. You may learn more about EICAR in the links below.

  • https://www.eicar.org
  • https://en.wikipedia.org/wiki/EICAR_test_file

Limitations

This feature may fail to detect malware under the following conditions:

  • The AV software installed on the system cannot detect the very type of malware.
  • Multiple products of AV software are installed on the system.
  • The real-time protection or AMSI support of the AV software is disabled.
  • Another archive file is contained in the archive.
  • AMSI support of the AV software does not work properly due to other reasons.

This feature cannot detect malware under the following conditions:

  • The size of the file in the archive is 1MB or larger. (Free Edition)
  • The size of the file in the archive is 10MB or larger. (Paid Edition)
  • The OS is not Windows 10.
  • The archive is encrypted and the correct password cannot be provided.
  • Bandizip does not support the format or the compression algorithm which is used for the archive.

Troubleshooting

If AMSI initialization fails, try the following steps to solve the issue.



0x80070015. The device is not ready.

Real-time protection is currently off.

  1. Select Start > Settings > Update & Security > Windows Security > Virus & threat protection > Manage settings.
  2. Switch the Real-time protection setting to On and choose Yes to verify.

0x80070103. No more data is available.

The AV software on your system does not support AMSI. Uninstall it and install other AV software supporting AMSI instead, and then try again. (Windows 10 comes with Windows Defender, built-in AV software supporting AMSI.)