CIS Antivirus not block acess at infected page with Internet Explorer 8


  1. What you did: When I run the malicious link in the Internet Explorer 8, CIS antivirus detects malicious iframe but the page is loaded (correct would be to warn and block).
  2. What actually happened or you actually saw: The malicious page is loaded (correct would be to warn and block).
  3. What you expected to happen or see: I expected this page is warned and blocked and not loaded.
  4. How you tried to fix it & what happened: nothing to do.
  5. If a software compatibility problem have U tried the compatibility fixes (link in format)?: Yes
  6. Details & exact version of any software (execpt CIS) involved (with download link unless malware): Internet Explorer 8.0
  7. Whether you can make the problem happen again, and if so precise steps to make it happen: run the malicious link with malicious iframe in the Internet Explorer 8.0
  8. Any other information (eg your guess regarding the cause, with reasons): no

B. FILES APPENDED. (Please zip unless screenshots).

  1. Screenshots of the Defense plus Active Processes List (Required for all issues): Appended
  2. Screenshots illustrating the bug: Not Appended
  3. Screenshots of related CIS event logs: Attached
  4. A CIS config report or file: Not appended.
  5. Crash or freeze dump file: Not appended
  6. Screenshot of More~About page. Can be used instead of typed product and AV database version: Appended.


  1. CIS version, AV database version & configuration: CIS version 5.8.213334.2131, Proactive config, Firewall and Antivírus default database 10598
  2. a) Have you updated (without uninstall) from a previous version of CIS: Yes
    b) if so, have you tried a clean reinstall (without losing settings - if not please do)?: Yes
  3. a) Have you imported a config from a previous version of CIS: Yes
    b) if so, have U tried a standard config (without losing settings - if not please do)?: Yes
  4. Have you made any other major changes to the default config? (eg ticked ‘block all unknown requests’, other egs here.): No
  5. Defense+, Sandbox, Firewall & AV security levels: D+=Paranoid, Sandbox=Disable, Firewall=Safe, AV=Stateful
  6. OS version, service pack, number of bits, UAC setting, & account type: Windows XP, SP2, 32bits, Admin
  7. Other security and utility software currently installed: CIS only
  8. Other security software previously installed at any time since Windows was last installed*: no
  9. Virtual machine used (Please do NOT use Virtual box)[color=blue]: no

[attachment deleted by admin]

Don’t think this is a bug, CIS doesn’t have a ‘web filter’ or any ‘block iframe’ features.
It will only scan and stop malware when it’s executed in memory or written to disk (depends on AV settings).

I do not understand your answer.

Here the CIS antivirus detects the iframe and copy the page (html) to quarantine but allows it to be viewed in Internet Explorer 8.

Ideally, the CIS antivirus does not allow viewing of the page.

If you want I can send you the link so that you do the test.


Thank you for your issue report, but as Ronny has already mention CIS does not have a web filter.

So the only action that CIS will take at this time is to detect and quarantine, it cannot stop the page loading but it should detect and quarantine any problem items.

Unless you are saying that you computer is infected by the loading of this page, I will move this topic to the help boards.

Thank you


My computer is not infected but could not include the web filter in the next release ?


Since CIS acts when the malware tries to run, there is no need for a web filter.

If you absolutly need a web filter simply use Panda URL Filtering… It is an excellent web filter and causes no conflicts with CIS 5.8 :-TU

But the web filter would be more pro-active protection.

Agrees ?