Quarantined Threats Not Showing On Summary Tab

I did a full scan on my computer, 2 Threats were found from another user (non-admin) account on the machine, quarantined yet does not show in summary tab. Says 0 threats detected.


The bug/issue

  1. What you did: Did Full Scan, found 2 threats and Quarantined.
  2. What actually happened or you actually saw: 2 Threats shown at end, Cleaned/Quarantined.
  3. What you expected to happen or see: 2 Threats to be shown on Summary tab (see screenshot)
  4. How you tried to fix it & what happened: n/a
  5. If its an application compatibility problem have you tried the application fixes here?: No
  6. Details & exact version of any application (execpt CIS) involved with download link: No other app involved, just threats.
  7. Whether you can make the problem happen again, and if so exact steps to make it happen: n/a
  8. Any other information (eg your guess regarding the cause, with reasons): n/a

Files appended. (Please zip unless screenshots).

  1. Screenshots illustrating the bug: Given see below.
  2. Screenshots of related CIS event logs and the Defense+ Active Processes List: Given See ■■■■
  3. A CIS config report or file. Fresh install / Stock Proactive.
  4. Crash or freeze dump file: n/a
  5. Screenshot of More~About page. Can be used instead of typed product and AV database version. n/a

Your set-up

  1. CIS version, AV database version & configuration used: As Above. CIS Complete, 5.8.211697.2124, Virus DB 10474, Proactive
  2. a) Have you updated (without uninstall) from CIS 3 or 4: No, Fresh install replacing 5.5
    b) if so, have you tried a clean reinstall (without losing settings - if not please do)?: n/a
  3. a) Have you imported a config from a previous version of CIS: No
    b) if so, have U tried a standard config (without losing settings - if not please do)?: n/a
  4. Have you made any other major changes to the default config? (eg ticked ‘block all unknown requests’, other egs here.): No (have enchanced protection on for 64bit Windows 7)
  5. Defense+, Sandbox, Firewall & AV security levels: D+= , Sandbox= , Firewall = , AV = … Def + Safe (enchaned protection 64bit enabled / Sandbox Enabled (untrusted), Firewall Safe, AV On Access.
  6. OS version, service pack, number of bits, UAC setting, & account type: Windows 7 64bit Home Premium, SP1, 64bit, UAC Turned on, Admin.
  7. Other security and utility software installed: None.
  8. Virtual machine used (Please do NOT use Virtual box): None

[attachment deleted by admin]

Thanks for this report in standard format.

I would just like to check:

  1. Is this repeatable? If so/not please edit above post
  2. Could you please describe where to get the malware sample you used from? And exactly what files they were? (Don’t post a link)

Also: have made minor edits to above post to save trouble, hope they are OK

Many thanks in anticipation

Mouse

It’s from my sisters non-admin account and she is away so rather than go into her account or remove password I will offer up this info and see if this helps??

Location: C:\Users\namehere\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\4942e3e6-7f69e2fe|rotor/zalux$vrkr.class

Malware: Malware[at]zya4pqzs19ug
Action: Detect
Status: Success


Location: C:\Users\namehere\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\4942e3e6-7f69e2fe|rotor/zalux.class

Malware: Malware[at]32rk28mf8v5th
Action: Detect
Status: Success


Location: C:\Users\namehere\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\4942e3e6-7f69e2fe

Malware: Malware[at]#zya4pqzs19ug
Action: Quarantine
Status: Success


Don’t know if this helps, all Java is not out of date, she don’t have no-script or anything just plain FF install and Dragon. Maybe should lock it down a bit and teach her how to use…

EDIT/ADD if you want to PM me safe file that will be flagged as malware then you can do so and I can see if repeatable pal.

Thanks. That’s enough.

:slight_smile:

Forwarding.

Mouse