Virus in zipped files not detected by CIS

i just download some sample virus files from
I downloaded file called eicar & files to my pc without any detection by CIS but when i tried to extract it in folder CIS detected virus in it.
My question is does this mean CIS realtime scanner doesnt detected virus in zip, rar files until these zip, rar (compressed files) are extracted in folder or we are in that zip file? Bcoz having such zip files is dangerous for pc, bcoz at times we (users) just download the files. Please reply me on this topic, and if CIS lack this features of scanning compressed files while there are saved on pc please include this option in CIS.
Thanks alot in advance to all
Together we can and we will make CIS the best software (:KWL)

A virus in a compressed folder (.zip, .rar, etc) cannot run until it is extracted, which is when it will be detected by the AV. I’m not sure, but I think CIS scans compressed folders to a certain extent. But like I said, it does not matter because it can’t run until it is extracted. :wink:

I had the same question not too long ago. Apparently CIS does not scan downloaded files so it will not detect it when you download it. However, CIS will detect that virus when you run it or do a right click scan.

CIS scans the downloaded files its just that it doesnt scan compressed files like .zip, .rar, etc. until they are extracted, when these files extracted then CIS finds virus in it if any, so if u download any compressed files plz manually scan the file for best. :■■■■ Comodo Guys rock

CIS does not scan Archived files in real time, It scans them on demand (If selected). The reason for this is because you don’t need to and it saves both time and resources of your pc adding to Comodo’s efficiency.

Within an archive files are harmless.

Hope this helps…

Yes understood, if there as an option in setting for antivirus that realtime scanning scan for malwares in compressed files, that be good so those users who want that they can atleast check that option, because many other antivirus scan inside archieves in real time scanning, so including that feature would be highly benificial 88)

Using more PC resources for harmless archives is beneficial? :wink:

Hi devenroy,

As guys pointed the correct way is to scan archive (and/or any file) manually after downloading.
Probably it is better even to use several on demand scanners (more opinions - better & safer :wink: )

As for option in antivirus I don’t think that is is good idea at all. I know few AVs - they don’t have this option (which is correct) Can you give an example of AV which has “real-time-during-download” scanning?
That could make downloads a real madness. First why archives only, in this case.
Then, if files and/or archives are passworded that is just wast of time anyway.
What about archives inside archives … and all that will take place in real-time during download?!
And last but not least the detections could be False Positives (FP)… so instead of having file already downloaded and then going to investigate FPs, you want to interrupt downloads and never know?
I don’t think that I would want such “feature” (no benefits from my point of view, just waste of resources during download)

At the same time if you are using download manager(s) or such Add-on in Firefox as Download Statusbar… and alike, those usually have settings for scanning downloaded files with AV or anti-malware scanner of you preference. You just need to set up the path and parameters, if needed, to the scanner. But again that will not happen in real-time. Scanner will work after the completion of the download. Probably it is a fine option for those, who are forgetting to scan downloads.

And yes, as soon as you will try to open archive the “onAccess” feature of your AV Guard should scan its content. If archive is not passworded and there is something inside suspicious from AV’s point of view - you will be alerted.

My regards

i use KAV and it detects all those archives immediatly and KAV 8 is not as good as a vira about resource usage but by setting anti malware and system security to low and online protection to high it’s a good deal cause all malwares come from the same place, the web.

hmm … i think that this live scaning downloaded zip , rar will be great stuff …

I install comodo on one child computer with internet , they mess up this computer in five days with download lots of crapp stuff from internet …

optional - live scaning downloaded zip , rar files will be great …


Hi ailef,

I don’t know KAV in details. Probably you answered my question about AV that has real-time scanning during download (whatever that means :slight_smile: ), but I still cannot see why that can be anything other than obstacle.
Yes all bad things are coming from web. But just downloading file or archive is not harmful.
Code should be executed that is where you local security should work and it should work by analyzing file or archive (onAccess) or when you run if you have behavioral analysis (onExecute).
KAV as any other AV has FPs and probably KAV has higher rates then others.
What is the point not downloading file if that is a result? (as I said i don’t know details of KAV reaction). And what is the point of wasting those resources during download?
What happen I KAV decided that separate file or archive is fine. You got it (scanned real-time ???) and then you checked with MBAM or a2 and one of them (or both) will raise the Alarm?
Anyway you need file locally… and then you will be able to investigate the matter (sending file for analysis to the vendor of the Software that suspected infection …and so on)

That’s how I see it


Many antivirus give that feature like for example i used avast 4.8 it has that feature whenever any file downloaded it scans it automatically for viruses this includes compressed files like zip, rar etc. they dont make distinction there is small checkbox in avast for those who want to scan archieved files can scanned as soon as they are downloaded they can check that option, other antivirus which gives this option is avira, rising antivirus 2009, pc tools antivirus, kaspersky, eset nod 32 latest version and many other anitivirus also, so i think personally it would be good option to include compress file scanning in realtime scanner, the other reason for this is user at times save file in many locations, and there hard disk size is in 500gb or 1 tb also. so for them to scan entire hard disk with manual scan take hours, so if virus stays there and later if they dont have antivirus as they might have unistalled antivirus from pc, because they want to play games etc. which uses much of resources, then in that time if that compressed file is opened that person can get infected, this is just example but point is important to see if that feature was worthless why many antivirus included it.
So let it there be that option for users who want to scan compressed files in realtime scanner, the person who wants it enabled can enable it simple as that. (CLY)
Thanks for reading and responding.

Hi devenroy,

That makes it clear and that is what I was saying … about scanning after file(s) were already downloaded… sure (:KWL)
I was surprised by “real-time” part in context and then it was “live scanning” mentioned in the discussion so I probably misunderstood that…
Sure… automatically scan straight away when download was accomplished as in some examples in my previous post


I’am try this step:

  1. Download file with Firefox
  2. Auto scan of CIS (in browser) don’t detect virus in file
  3. Manual scan detect virus!

Real-time scan AV bad work.

Hi VGPolitoff,

I am not using CAV, but if you are setting the scan from within Firefox it is not the fact that just calling the main module will do the job.
Some AV have special module and/or separate command line scanner where you have to pass parameter(s) for doing that.

Probably CAV does not have neither of them but if you post the string you set up in Firefox then CAV Gurus may tell if that works or you have to do it differently or that it is not possible yet at all.

My regards

Before use CIS, another Internet Security scan in browser and detect viruses before download.

Hi VGPolitoff,

First, that doesn’t answer the question: how did you set up CAV for scanning with Firefox after you downloaded the file, as you said you tested.
And that is what discussion is about

Scanning “before download” it’s kinda doesn’t make sense… where? on a server? What another Internet Security would do that?
And again, this way you will not get like 90% ( :)) of downloads at all because of FPs and you will never find out why, since you don’t have a file to submit for analysis.

and then how would torrents be checked “before” download, when files are coming from million places in small pieces?

… probably I am missing something


Hi all!
Another Security complex (Steganos, Norton) check incoming / outcoming traffic…

Well, I’ll try and explain this again, but as it has already been explained a few times, I’m not so sure this explanation will stick either…

Scanning a compressed archive is a waste of resources. Any malware in the archive is inert. It can’t get out by itself. It would need to be accessed. Either by another application, or manually by the user. And when it is accessed, CIS will step in and grab it!

So it really doesn’t matter if you have a virus sitting there in the .zip file you just downloaded. It’s not going anywhere. As long as it is caught by the AV, it really doesn’t matter when it is scanned…

Why would someone remove an anti virus to play games? I don’t know about you, but I find it very unwise for someone to have no security apps installed just because they want to play a PC game…