Comodo FAILS to stop "Smart Fortress"

[Guest]

[fantab]

I was shocked today to find my Win-VISTA PC infected with a 'rouge'ware SMART FORTRESS, a fake anti-malware application.

Comodo failed to prevent this intrusion. I have latest Comodo [CIS Free] which is up to date, I use Comodo DNS and my Defense + is set to 'proactive'.

I eventually removed the said intruder with Malwarebytes Anti-malware following the instructions on  http://forums.malwarebytes.org/index.php?showtopic=107384.

I hope Comodo will rectify their shortcomings and see to it that such intrusions do not by pass CIS in future.

[Siketa]

Did you allow it to install or it bypassed sandbox/Defense+?
Any screenshot would be of great help.

[Chiron]

Can you please upload the sample to VirusTotal and post a link to the results?

Thanks.

[morphiusz]

With correct installation of CIS there is no way for SmartFortress to bypass that. Whether it was sandboxed - after restart it should be gone. I bet you have even not restarted the system

[Seany007]

You prob made a mistake somewhere mate. Also who said that Comodo is bulletproof? LOL! Comodo can be beaten.  

[Siketa]

Right! There are rare cases of trusted malware....
Maybe this is one of them...

[morphiusz]

You prob made a mistake somewhere mate. Also who said that Comodo is bulletproof? LOL! Comodo can be beaten.  

I know how this malware works, I tested it few times. I'm behind the experience, I think you make just a guess. It is not sophisticated malware.

That is true it can be whitelisted.  But that is another problem.

[Seany007]

I know how this malware works, I tested it few times. I'm behind the experience, I think you make just a guess. It is not sophisticated malware.

That is true it can be whitelisted.  But that is another problem.

Sure it is a guess. Sophisticated malware is another matter. Could be white-listed, could be that on his PC Comodo don't function properly, could be that he is using other things, could be anything.

[fantab]

With correct installation of CIS there is no way for SmartFortress to bypass that. Whether it was sandboxed - after restart it should be gone. I bet you have even not restarted the system

Seriously, what is the "correct installation of CIS"? I am afraid to say that SMART Fortress bypassed everything. After I discovered it on my PC/Desktop I ran a scan with Comodo a couple of times and needless to say, I restarted my PC a couple of times.

Unfortunately, I cannot upload any more information about the 'Malware' as I have cleaned it all with Malwarebytes. By the way, there is no other protection on my Vista. And as far as I know, CIS is configured properly and it has served me well in the past years.

I never said Comodo was 100% foolproof. I did not intend to bad mouth CIS but to bring the fact to the forum's notice. I am still a fan of CIS.

I hope CIS will not disappoint me in future, at least not big time.

[languy99]

how did it get installed? Rogues usually need user interaction they don't just do it.

[Tags:]