Hy
CIS antivirus dosen’t detect malwares downloaded by fake site pt.joydownload.com . Some of these malware are detected only if scanned manually by the context menu scanner.
Malwares downloaded are not removed by CIS antivirus when it’s to detect. CIS antivirus just puts a copy of the malware in quarantine.
Compressed malware are also not removed when scanned and detected by CIS antivirus.
Please check these.
Thanks
CIS does not have a network shield. So, it does not detect when a virus is downloaded. Comodo believes that detecting a virus when it is written to disk or memory is enough. That’s why it will be caught by the menu scanner. If it has detection for the virus it will be caught when trying to execute. And since it is unknown the sandbox will isolate it.
CIS antivirus just puts a copy of the malware in quarantine.Does that happen with all malware you tested or only with specific malwares? We may be looking at bug.
Compressed malware are also not removed when scanned and detected by CIS antivirus.What happens when a compressed malware is found? As far as I know I CIS does not remove from within a compressed archive but would rather quarantine the archive.Please check these.
Thanks
Its better to quarantine archives since there might be legit software along with a virus, rather than deleting it, though I wouldn’t mind an option to actually delete the archive directly!
Deleting a file inside a archive shouldn’t be a default option, in order to delete a file you would first need to unpack the archive and then re-pack it without the file, this could lead to issues, the archive could be many hundreds or even thousands of Megabytes in size, packed as a solid archive, have very large dictionary size that is to large to be re-packed on the computer the archive is stored, all of this and many more I can think of could lead to serious problems on the computer in question, anything from take over an hour to re-pack, not enough memory or hard drive space to re-pack the archive completely, remember the computer that packed the file may have much more resources to pack the archive, example being a dictionary size of 256Mb or greater could prevent a computer with far less memory being able to re-pack it, therefore quarantine the archive seems like the best approach to me.