I believe I found a bug in COMODO Internet Security Premium (v5.10.228257.2253). I made a video showing how COMODO fails to remove a malware sample. I figured a video would be the easiest way to show you guys. It is able to remove the malware with the on-access scanner, but the on-demand scanner will fail to remove the sample.
In the Video I used VirtualBox which I know you guys don’t like, so I tried VMware Player with a freshly installed copy of Windows 7 Professional 32-bit and COMODO. The results were the same.
Did I do something wrong or is this in fact a bug? Regardless, I thought I would just mention it to you guys.
Test System Information
NOTICE: Both the Windows XP and Windows 7 virtual machines were up-to-date and had no other processes running besides Microsoft windows processes and CIS.
VirtualBox (v4.1.18 r78361)
Microsoft Windows XP Home Edition (v5.1.2600 Service Pack 3 Build 2600)
(I also used VMware Player with Windows 7 and the results were the same)
COMODO Internet Security Premium (v5.10.228257.2253)
A. The bug/issue
- What you did: Did a right click scan on a malware sample
- What actually happened or you actually saw: Malware sample failed to be removed
- What you expected to happen or see: Malware sample to be removed
- How you tried to fix it & what happened: Requested Reboot and still failed
- If its a software compatibility problem have you tried the compatibility fixes (link in format)?: N/A
- Details & exact version of any software (execpt CIS) involved (with download link unless malware): N/A
- Whether you can make the problem happen again, and if so exact steps to make it happen: See Video
- Any other information (eg your guess regarding the cause, with reasons): On-access scanner is able to remove malware sample, while on-demand scanner still fails.
B. Files appended. (Please zip unless screenshots).
- Screenshots of the Defense plus Active Processes List (Required for all issues): N/A
- Screenshots illustrating the bug: See Video
- Screenshots of related CIS event logs: N/A
- A CIS config report or file: Cloud Scanning enabled, everything else is default
- Crash or freeze dump file: N/A
- Screenshot of More~About page. Can be used instead of typed product and AV database version. See Video
C. Your set-up
- CIS version, AV database version & configuration used: v5.10.228257.2253 (Cloud scanning enable other AV settings are default)
- a) Have you updated (without uninstall) from from a previous version of CIS: No
b) if so, have you tried a clean reinstall (without losing settings - if not please do)?: N/A
- a) Have you imported a config from a previous version of CIS: No
b) if so, have U tried a standard config (without losing settings - if not please do)?: N/A
- Have you made any other major changes to the default config? (eg ticked ‘block all unknown requests’, other egs here.): No
- Defense+, Sandbox, Firewall & AV security levels: D+= Safe Mode, Sandbox=Enabled (Untrusted), Firewall = Enabled, AV = Enabled
- OS version, service pack, number of bits, UAC setting, & account type:
Microsoft Windows XP Home Edition 32-bit (v5.1.2600 Service Pack 3 Build 2600)
- Other security and utility software currently installed: None
- Other security software previously installed at any time since Windows was last installed: None
- Virtual machine used (Please do NOT use Virtual box): VirtualBox (v4.1.18 r78361) and VMware Player