The bug/issue
- What you did:
Did a scan of a folder filled with malware with heuristics on high. No malware was found. I then checked the files on VirusTotal and some were even detected with actual detection names (i.e. not heuristics).
- What actually happened or you actually saw:
I checked the files on VirusTotal and some were even detected with actual detection names (i.e. not heuristics).
- What you expected to happen or see:
The detection should have been the same with heuristics on high and cloud scanning enabled.
- How you tried to fix it & what happened:
I checked my settings. For manual scanning everything was selected and maximum size was set to 9999.
- If it's an application compatibility problem have you tried the application fixes?:
NA
- Details (exact version) of any application involved with download link:
VirusTotal links to the samples in question.
http://www.virustotal.com/file-scan/report.html?id=8fc05b4bb2e2365f320d596c70b43ed4b2dd94376695d9a7bf1122af03402afa-1288213441
I can also provide you with the actual files, or CIMA links if you prefer.
- Whether you can make the problem happen again, and if so exact steps to make it happen:
It happens every time I scan these files.
- Any other information (e.g. your guess regarding the cause, with reasons):
Unknown
Files appended. (Please zip unless screenshots).
I have attached a HijackThis log so you can see the programs running.
- Screenshots illustrating the bug:
See links above.
- Screenshots of related event logs and the active processes list:
NA
- A CIS config report or file.
NA
- Crash or freeze dump file:
NA
Your set-up
- CIS version, AV database version & configuration used:
CIS Premium 5.0.162636.1135
AV Database version is 6540
I have it configured as described here. The real-time scanner is disabled and for the manual scanning every box is checked and the heuristics level is set to high. Just to be clear, "Enable cloud scanning" was checked.
- a) Have you updated (without uninstall) from CIS 3 or 4, if so b) have you tried reinstalling?:
No
- a) Have you imported a config from a previous version of CIS, if so b) have you tried a preset config?:
No
- Other major changes to the default config (e.g. ticked ‘block all unknown requests’, other examples here.)
Described in my article.
- Defense+ and Sandbox OR Firewall security level:
In general it is set to proactive security. Defense+ and Firewall are in Safe mode. Antivirus is disabled. Sandbox is enabled.
- OS version, service pack, no. of bits, UAC setting, & account type:
Windows 7 x64 fully updated. UAC is disabled. Account is admin.
- Other security and utility software running:
No other real-time scanners besides CIS. See log file for any other processes.
- Virtual machine used (Please do NOT use Virtual box):
Not a virtual machine
[attachment deleted by admin]