Superantispyware incorrectly reported as modifying memory ?

[Guest]

[poutnik]

SAS 4.0.1154 is reported by comodo 2.4 FW ( w2ksp4 ) as modifying other processes memory.

Just recently I have abandoned my loved Kerio Personal firewall 2.1.5  and tried on w2k comodo pro 2.4.
When I have launched SAS free to make quick scan as background task,
comodo soon realized something strange :



SAS was said to be modifying processes in momory. at picture it was maxthon.exe like my favorite browser frontend. It was later detected on explorer.exe and services.exe.

during comparative scan by ad-aware 2007, comodo did not report anything about ad-aware, scaniing processes too, but SAS was reported as changing memory of aawservice.

on SAS forum site I was told they just scan memory ( that is obvious to do)
and that CPF 2.4 is misreporting this. )

Links to superantispyware forum]

Where is the truth ?

[Matty_R]

Hi Poutnik,i think here Comodo is doing its job as it should,did you have your browser open during the scan as for SAS to do its scan it must access/look at what is running in Memory,therefore it is taken that it is modifying  the memory by Comodo because unless Comodo knows to expect this it will warn you as it would for any rogue app.

So i dont think its doing any misreporting/to scan the memory it must modify it.

Cheers Matty

[poutnik]

So, could it be, that

Ad-Aware 2007 is for comodo 2.4 known trusted application, not to be reported ?
Because Ad-aware makes process can too.

SAS 4.x is far younger than CPF 2.4 and younger than ADAware,
so it can be suspicious for CPF 2.4.

does it make sense ?
Or things are even different ?

[Matty_R]

Sorry poutnik just took a closer look at your pic,could it be SAS using your browser to check for an update?

Matty

[poutnik]

I suppose it could, maxthon is my default.
But what other mentioned processes ?
E.g:  I do not suppose SAS would use for update aawservice  ( service part of Ad-Aware 2007 )

[Tags:]