CIS Antivirus not block suspect or infected sites in Internet Explorer 8[Issue R

The bug/issue

  1. What you did: When I run the link " " in the Internet Explorer 8, CIS antivirus detects and warn but the EICAR test page is loaded (correct would be to warn and block).
  2. What actually happened or you actually saw: The EICAR test page is loaded (correct would be to warn and block).
  3. What you expected to happen or see: I expected this EICAR test page is warned and blocked and no loaded.
  4. How you tried to fix it & what happened: nothing to do.
  5. If it’s an application compatibility problem have you tried the application fixes here?: no
  6. Details & exact version of any application (except CIS) involved with download link: Internet Explorer 8
  7. Whether you can make the problem happen again, and if so precise steps to make it happen: run the link " " in the Internet Explorer 8.
  8. Any other information (eg your guess regarding the cause, with reasons): no

Files appended

  1. Screenshots illustrating the bug: no
  2. Screenshots of related CIS event logs or the Defense+ Active Processes List: no
  3. A CIS config. report or file: no
  4. Crash or freeze dump file: no

Your set-up

  1. CIS version, AV database version & configuration used: 5.3.181415.1237, Proactive config, Firewall and Antivírus default.
  2. a) Have you updated (without uninstall) from CIS 3 or 4: no
    b) if so, have you tried reinstalling (if not please do)?: Yes
  3. a) Have you imported a config from a previous version of CIS: no
    b) if so, have U tried a preset config (if not please do)?: -
  4. Ave you made any other major changes to the default config (eg ticked ‘block all unknown requests’, other egs here.): No
  5. Defense+, Sandbox, Firewall & AV security level: D+=Safe, Sandbox=disable, Firewall=Safe, AV=Stateful
  6. OS version, service pack, number of bits, UAC setting, & account type: Windows XP Pro, SP2, 32 bit, Admin account.
  7. Other security and utility software installed: no
  8. Virtual machine used: no

Not a bug;

If you right click and save page as and try to save it on your Hard Drive it will be caught

But the point is that this site should not be loaded.

CIS Antivirus can not permit that risk sites are loaded.

Why shouldn’t it be loaded? There is zero security risk from opening a .txt file in your browser.

That would be a flaw; If I copied the text into my signature on all the forums i participate in just because of those text; then i guess those who have resource hungry AV/IS Wouldn’t be able to participate in the forums…

There isn’t much of a Security threat at all just reading Txt files…

So why the CIS antivirus to detects it ?

If CIS antivirus detects it so he had to block the loading of the page.

The AV detects it because people have complained that it isn’t detected, even though it isn’t a threat.

As I’ve mentioned in another thread of yours regarding Eicar, even the Eicar page mentions that the purpose of the .txt file is for those that have trouble downloading the .com file. If you can’t download the .com, you download the .txt and change the extension to .txt and scan the .com file with your AV.

Thank you for your Issue report.

Moved to verified.

Thank you