Potentially unwanted applications detection bug?

Potentially unwanted applications detection could be bugged in CIS 8.0.

  1. Go to Settings > Security Settings > File Rating > File Rating Settings
  2. Enable the “Detect potentially unwanted application” option.
  3. OK
  4. Right-click on the attached file (don’t unzip it) and scan it.

Does the CIS scan detect the file?

  1. Unzip the attached file.
  2. Right-click on the eicar.com file and scan it.

Does the CIS scan detect the file?

  1. Try to launch the eicar.com file.

Does the CIS realtime protection detect the file?

My experience is that the realtime protection does detect the testfile, but the manual scanner doesn’t detect it, maybe the manual scanner ignores the “Detect potentially unwanted application” option.

[attachment deleted by admin]

By default CIS does not extract archives other then .jar and .exe during manual scans. However you can modify those settings here: http://help.comodo.com/uploads/Comodo%20Internet%20Security/fed85e91ebdd1966f4fc0662006670cc/5eac818f1e1c4adc19d335055b06586b/a8833311d9b57cff6881d398ba7e2a8a/cis_realtime_scan_settings_010714.png

As I wrote, the unzipped file is also undetected by the manual scan.

When you check the option in File Rating to “Detect Potentially unwanted programs”, CIS should update the scan profiles to do so also. But it does not do that currently, maybe in the future it will. Let’s wait and see.

If I enable “Detect Potentially unwanted programs” and the manual scan doesn’t detect them, I believe it’s a bug, isn’t it?

I can’t even detect the EICAR test file using the manual scan.

Did you enable it in the scan profiles? Scan Profiles, Scan For Virus, Antivirus Protection | Internet Security Help If so, than that is probably a bug if it wasn’t detected.

That option in the scan profiles doesn’t exist anymore.

yes it does

[attachment deleted by admin]

You’re right, I didn’t notice the scrollbar :smiley:

If I also enable that option it does work fine :slight_smile:

It’s a bit unintuitive that the option in the File Rating panel enables the option for the real-time protection only.

Potentially unwanted applications are not being detected with Comodo Internet Security Premium Product Version Database version 24042; so i had to scan my system with Malwarebytes and found over 350 PUP’s. Please let me know if I have to enable something or reconfigure CISP to detect potentially unwated applications.