CIS fails to delete samples, restarts indefinitely...

CIS identified some of the samples in my system as infected by SALITY. That’s pretty good.

But, when I clicked on clean…it hangs for a while, after one or two minutes it says it needs to restart the system inorder to clean this file.
If I click “OK”, it restarts the system and after restart it says “failed to clean”.
It then leaves two .tmp files along with the original file.

It repeats the same process for all the samples one after the other.

Can some one confirm this behaviour ?

I can send the samples if someone is ready to check this…

As far as file permissions and other locking are considered, the files are just in a folder on the DESKTOP, they are not active. I can manually cut, copy or delete them just normally in explorer.

Note: I observed the same thing happening with CCE also.


Have you tested it yet ?

I got a confirmation from Pavel that the issue has been reproduced on their side and Developers are looking in to it.

Let’s hope they will fix it soon…

What happened ??

The issue still persists…

Maybe, maybe they should change the antivirus engine

I think the issue is with the newly added “infection cleaning” technology, because it is trying to clean the sample and it is struck there.

During realtime scanning, the same sample is simply quarantined without any hassle.

Yes, exactly right
I’ve tested it now and the sample (SALITY) has been cleaned by Comodo (of course AV on the Real-Time protection). but Comodo failed in On-Demand Scan, and stuck on it! :-\

The issue still remains…

what happened ? can some one post the development update please …


Yes, unfortunately there is clearing issue after on demand scan.

It should be fixed in the next version of CIS.

We are sorry for inconvenience.

Thank you.

Thank you for the clarification idem. Would that be fixed in v5.11 or v6?

v6 has still two months to come at least…Can we expect a v5.11 in between?

By the way, the same problem occurs with CCE 2.4 too…May be a CCE 2.5 then ?

What happened to the fix?

didnt u read the responses. idem said it should be fixed in the next version which hasnt been released yet.

I read thats why I asked. Its been a month now & CIS 6 Beta is not far so a fix with a new version should be released now I think.

That’s the point. Can we expect a 5.11 ? CIS 6 is surely not anyway near as it seems from the proceedings…

I almost stopped using CCE or CIS for malware scans, because whenever it encounters sality or virut infections, the unending reboot cycle starts…if the number of infections is high, even to click “no” for all the reboot requests (one at a time) has become a very painful job.

i havent heard anything about anymore 5.x releases so im sure v6 will fix the problem

Issue not completely fixed in CIS 6 Beta either.

It says it has cleaned the files, but the files are in tact in their folders and not cleaned.

Please report this in the Beta section as a bug.

Be sure to follow the format given in the first post. Failure to follow that format will result in your report being removed from the topic.

I already reported it personally to EGEMEN via mail on the advice of Melih. How do I know the status whether he had time to look in to it or not ?

I will anyway file a bug report, may be it makes things faster…

Should I mention a link to this topic in the bug report ?
Should I give a link to the samples in the bug report ?

I’d include anything which may make it easier to identify and fix the bug. Thus, at least in my opinion, the more information the better. ;D