Tested on German Mac OS X 10.5 with the following preferences:
Scan inside archives ON
Scan mode NORMAL
Heuristics NORMAL
Description
No scan in .sit and .dmg archives
The scan function and the online scanner OnGuard don't scan .sit and
.dmg archives.
Impact:
It's possible to download malware from the internet or to copy it from
a USB stick without interruption from iAntiVirus.
Malware in .sit archives is recognized by OnGuard during manual
decompression, but malware in .dmg disk images is only recognized during
a manual scan of the mounted image.
It's possible to run malware from the mounted disk image (tested with
MacSmurf, which iAntiVirus recognizes as 'Hacktool.OSX.MacSmurf').
Problems with special characters in filenames
The scanner, OnGuard and the quarantine management are unable to work
with files whose names contain certain special characters, for example
ƒ, which is transformed to Æ.
Impact:
False positives are lost, since it's impossible to restore them.
Perhaps it's possible to evade the virus protection.
No user restrictions in the quarantine management
All quarantined files are managed in the same area. Every user can
restore the files of every other user, including the admin's.
Impact:
A normal user can restore quarantined malware in other accounts, tested
with the iWorks-Trojan, which was installed by the admin and restored
by a normal user.
Additionally, the history function contains no information about the user
who performs an action and can be erased by every user.
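A sketch of the access check that the quarantine and history findings above call for, as an added example that is not iAntiVirus code or part of the original advisory: items are tied to the account they were quarantined for, only that account or root may restore them, and every history entry names the acting user. The class and method names and the rule that only root may act for other users are assumptions made for illustration.

```python
from dataclasses import dataclass, field

ROOT_UID = 0  # assumption: uid 0 is the only account allowed to act for others


@dataclass
class Item:
    path: str
    detection: str
    owner_uid: int          # account whose file was quarantined


@dataclass
class Quarantine:
    items: dict = field(default_factory=dict)     # item id -> Item
    history: list = field(default_factory=list)   # (actor uid, action, item id, allowed)
    _next_id: int = 1

    def _log(self, actor_uid, action, item_id, allowed):
        # Every entry names the acting user, including denied attempts.
        self.history.append((actor_uid, action, item_id, allowed))

    def add(self, owner_uid, path, detection):
        item_id = self._next_id
        self._next_id += 1
        self.items[item_id] = Item(path, detection, owner_uid)
        self._log(owner_uid, "quarantine", item_id, True)
        return item_id

    def visible_to(self, actor_uid):
        # A user sees only their own items; root sees all of them.
        return [i for i, it in self.items.items()
                if actor_uid in (ROOT_UID, it.owner_uid)]

    def restore(self, actor_uid, item_id):
        item = self.items.get(item_id)
        allowed = item is not None and actor_uid in (ROOT_UID, item.owner_uid)
        self._log(actor_uid, "restore", item_id, allowed)
        if not allowed:
            raise PermissionError(f"uid {actor_uid} may not restore item {item_id}")
        return self.items.pop(item_id).path

    def clear_history(self, actor_uid):
        # Only root may erase the log, and the erasure itself is recorded.
        if actor_uid != ROOT_UID:
            self._log(actor_uid, "clear_history", None, False)
            raise PermissionError("only root may clear the history")
        self.history.clear()
        self._log(actor_uid, "clear_history", None, True)
```

With this model, the case reported above (a file quarantined for the admin account, a restore attempted from a normal account) raises PermissionError and leaves a history entry naming the account that tried.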
OnGuard only protects one user (or perhaps a few more)
If OnGuard is on and another user logs in, it seems as if OnGuard is
off. If that user copies malware onto the system, it disappears without
any warning: OnGuard is active and moves the files into the quarantine,
but doesn't inform the user about this. If the first user is an admin,
this seems to work for every normal user. If the first user is a normal
user, it sometimes works for the admin as second user, but not every
time.
Ignorance of file permissions
Every normal user can start a "normal scan", which includes the
system, library and program folders and the folders of every user.
Solution
None
Update 12.03.2009:
The vendor is checking the vulnerabilities again.