Real time protection

I just saved a txt file with the Eicar test string in it X5O!P%[at]AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H* and it took 35 minutes to Comodo AV to detect it in my Documents files. A bit to long for a 55 GB used space HD to my taste. Any suggestion?
88)

Reverted all caps title to normal case. We hear you better when not shouting. Cheers. Eric

Great! I tested Eicar.com. Instantaneous detection on on access setting. The file was quarantined in a sandboxie sandboxed browser and I later manually deleted it from quarantine.
So this convinces me up! I’ll keep up with the Comodo Suite CIS because it is doing an excellent job! :smiley:

Anything run would have been detected automatically. Thus, you are safe from actual malware.

On further investigation, found out that creating a notepad file with that string
X5O!P%[at]AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
was also instantaneously detected as malicious by Norton RP whereas Comodo on access RP took 35-40 minutes. Is it that the heuristics are less powerful in Comodo? That’s only Eicar test file after all. What if a real malware? In the event it should not be blocked by D+ or sandboxed. May be if the developpers of Comodo AV could improve on this… 88)

CAV is designed as an On Access scanner. “On Access” means exactly what it sounds like. Files will be scanned when they are accessed.

Inert malware sitting on your hard drive isn’t a security risk. It needs to be executed in order to infect your machine. This is when CAV will act.

As Chiron already stated, if you ran the new file you’ve created, CAV would detect it. Did you try that?

Got your point! My point is that file shouldn’t even get to my HD! It should be blocked! :slight_smile:

Ok. You’re right. That doesn’t matter:until the malware isn’t executed it is benign and will be destructed by the AV as runned. Thanks for helping me understand this. ;D

You’re welcome. That’s what we’re here for. :slight_smile: