Hello!!
I did some testing in a virtual machine (Win 7) using malicious URL’s from the Comodo siteinspector recent detections and other malware urls found on the net (malwaredomainlist.com etc). When using Internet explorer, Comodo detected the malware (it could detect) immediately in most cases and warned me.
What’s strange is that when testing same urls using Google Chrome, CIS never reported anything on all malicious sites I visited (except in one case that CIS “woke up” and created one or two warnings). After that, If I scan via context menu the whole chrome cache folder, CIS will detect the malware inside the files. Why this? Shouldn’t Comodo detect them when visiting the malicious pages?
It’s not a big deal for me as Comodo is supposed to detect them if they run and also I 've created an automatic scan to check the cache every some days. But it would be better if Comodo detected them on visit.
Hello! Not sure about IE and Chrome issue but if you want Comodo AV to detect malware on the ‘fly by’ try to disable: “Enable Scanning Optimizations” setting.
“Enable scanning optimizations – On selecting this option, the antivirus will employ various optimization techniques like running the scan in the background in order to reduce consumption of system resources and speed-up the scanning process (Default = Enabled)”
Also with this option enabled the AV won’t scan/detect files on access in some cases. Only once you execute them or do on-demand scan.
CIS would have detected those downloaded files if the user tried to run them. Thus, there was actually no loss in security (at least for real-world situations).
Oh yeah sure… Nobody talked about the reduced protection you still protected with CAV. If CAV didn’t detect something on access and did so on-demand that’s prob down to scanning optimization setting in order to save system resources.
Thank you all! By the way, I tested Chrome with the option disabled but no change. Anyway, it’s not a problem, I was just curious why this happens with Chrome and not IE.
What I 've done is to create a scheduled custom scan that scans every two-three days the chrome & explorer caches. I 'm ok with this. Despite having a two years license of Avast IS 8 (won by recommending to others) I realized that Comodo is far better on total when did some tests.
A difference can be caused when the browser uses a temporary folder where it will download a file to before moving it to the destination folder. The detection then takes place when the file is written to the destination folder.
What’s the difference. If malware is going to be caught regardless, why does it matter if it’s caught as it’s downloaded or just before it’s able to run? Don’t forget that it takes more resources to do the first.