What you did:
Did a scan of a folder filled with malware with heuristics on high. No malware was found. I then checked the files on VirusTotal and some were even detected with actual detection names (i.e. not heuristics).
What actually happened or you actually saw:
I checked the files on VirusTotal and some were even detected with actual detection names (i.e. not heuristics).
What you expected to happen or see:
The detection should have been the same with heuristics on high and cloud scanning enabled.
How you tried to fix it & what happened:
I checked my settings. For manual scanning everything was selected and maximum size was set to 9999.
If it's an application compatibility problem, have you tried the application fixes?:
Details (exact version) of any application involved with download link:
VirusTotal links to the samples in question.
I can also provide you with the actual files, or CIMA links if you prefer.
- Whether you can make the problem happen again, and if so exact steps to make it happen:
It happens every time I scan these files.
- Any other information (eg your guess regarding the cause, with reasons):
Files appended. (Please zip unless screenshots).
I have attached a HijackThis log so you can see the programs running.
- Screenshots illustrating the bug:
See links above.
- Screenshots of related event logs and the active processes list:
- A CIS config report or file.
- Crash or freeze dump file:
- CIS version, AV database version & configuration used:
CIS Premium 5.0.162636.1135
AV Database version is 6540
I have it configured as described here. The real-time scanner is disabled and for the manual scanning every box is checked and the heuristics level is set to high. Just to be clear, "Enable cloud scanning" was checked.
- a) Have you updated (without uninstall) from CIS 3 or 4, if so b) have you tried reinstalling?:
- a) Have you imported a config from a previous version of CIS, if so b) have you tried a preset config?:
- Other major changes to the default config (eg ticked ‘block all unknown requests’, other egs here.)
Described in my article.
- Defense+ and Sandbox OR Firewall security level:
In general it is set to proactive security. Defense+ and Firewall are in Safe mode. Antivirus is disabled. Sandbox is enabled.
- OS version, service pack, no of bits, UAC setting, & account type:
Windows 7 x64 fully updated. UAC is disabled. Account is admin.
- Other security and utility software running:
No other real-time scanners besides CIS. See log file for any other processes.
- Virtual machine used (Please do NOT use Virtual box):
Not a virtual machine
[attachment deleted by admin]