A. THE BUG/ISSUE
manually scanning this .rar is not being done properly
- Summary - Give a clear summary in the topic subject, NOT here.
There’s 2 files in a folder that has been that have been compressed to a .rar file. Both files are in comodo’s signatures. It only flags one of them. - Can U reproduce the problem & if so how reliably?:
I can make the sample available to a link if needed - [b]If U can, exact steps to reproduce. If not, exactly what U did & what
Disable realtime scanning. Take 2 malware samples that comodo can flag and put it in a folder. Use winrar to compress it. It’s now .rar file. Right click on it and click on “scan with comodo av” It will only flag one of them, NOT both of them. Now extract the 2 files and put it on the desktop. use the mouse and highlight both of the files. Now right click on it and scan with comodo av. It’ll flag both of them
- If not obvious, what U expected to happen:
I expected both of the files known in comodo’s signatures to be flagged - If a software compatibility problem have U tried the conflict FAQ?:
no - Any software except CIS/OS involved? If so - name, & exact version:
No other security software except “shadow defender” (Shadow defender isn’t even being used
[/quote] - Any other information, eg your guess at the cause, how U tried to fix it etc:
I don’t know - Always attach - Diagnostics file, Watch Activity process list, dump if freeze/crash. (If complex - CIS logs & config, screenshots, video, zipped program - not m’ware)
B. YOUR SETUP (Likely the same for each issue, so you can copy forward)
- Exact CIS version & configuration:
[quote]CIS Premium 6.1.276867.2813 (proactive)
- Modules enabled & level. D+/HIPS, Autosandbox/BBlocker, Firewall, & AV:
Firewallset to “custom”
It has check marks on
“filter ipv6 traffic”
“filter loopback traffic”
“block fragmented ip traffic”
“do protocol analysis”
“enable anti-arp spoofing”
For defense+
HIPS set to “clean PC Mode”
clicked on “enable adaptive mode under low system resources”
clicked on “enabled enhanced protection mode”
for av
use heuristics scanning set to “high”
- Have U made any other changes to the default config? (egs here.):
N/A - Have U updated (without uninstall) from a CIS 5?:
Clean Install (this was a brand new computer)
[list type=lower-alpha][li]if so, have U tried a a clean reinstall - if not please do?:
N/A
[/li]- Have U imported a config from a previous version of CIS:
N/A
[li]if so, have U tried a standard config - if not please do:
N/A This only affects manual scanning
[/li]- OS version, SP, 32/64 bit, UAC setting, account type, V.Machine used:
Windows 8 64bit, intel chip, uac setting disabled, admin account, no virtual machine- [b]Other security/s'box software a) currently installed b) installed since OS[/b]: a= b= [/list]
ShadowDefender
[attachment deleted by admin]