I have some text files which (if converted to .bat) inject content into the Windows 7 hosts file.
There’s nothing malicous to them, but CIS (8.0.0.4344-20939) flags them as malware.
Alright, I can see why it might do so, no complaints there.
Oddly, it still flags them as malware even if they’re inside password protected zip files.
Does CIS attempt to ■■■■■ simple zip passwords during the scan (the passwords are actually ‘password’!)?
I personally don’t have CIS installed (have CFW installed so no on-demand scanning) but you could test your own theory by using another password for your zip file that CIS couldn’t possibly know.
Is it possible to set passwords for zip file without encryption? I don’t know but if it is then that might be it as well, but like I said I don’t even know if that is possible.
As far as I know the AV does not attempt to decrypt password protected zip archives.