Just that really, what happens when the on access scanner detects a file?
In Antivirus under Scanner Settings I obviously have Real Time Scanning enabled and have automatically quarantine threats found during scanning unchecked…
So what happens?
Today Comodo found two “threats” and promptly displayed a pop up telling me about them but no dialog was displayed asking me what to do with them like in conventional AV’s (i.e. ignore, quarantine, delete). So I check my logs and I see “Detect” under the action column and “success” under the status column.
From what I can tell then the threat has been detected and there has been a success of some form… what success I don’t know.
Anyway, back to real time settings, what’s it do when it detects something during real time?
In my case it didn’t quarantine them because auto quarantine was disabled. I assumed it would leave it be, but that seems not to be the case as the file no longer opens. But its not deleted.
So whats it doing? Is it disabling the thread? Shouldn’t it at least ask before hand if thats what it is doing?
As I said before, not deleted as the file is still there, not quarantined as that is unchecked but apparently “disabled”?
To further illustrate what I’m saying I’ve attached screenshots. The first is what I see when CAVS even “sees” the ■■■■■, notice the lack of a window asking me what I want to do with it. The second is what happened when I attempted to download the eicar file, notice the window screaming at me. Why the discrepancy I guess.
Any help is appreciated, and kudos to Comodo on this thing. It is a piece of work.
[attachment deleted by admin]