Comodo internet security fails to detect malicious website

[Guest]

[amitjohar]

I was viewing images of black labrador dog at h**p://i****s.google.com/images?hl=en&source=hp&q=black+labrador&gbv=2&aq=0&oq=black+lab&aqi=g10. I clicked on the last photo of second row which has 3 dogs. 
 
As soon as I clicked on it, a fake antivirus scan started on the browser and it wouldn't let me exit. It kept forcing me to download the fake antivirus. However, Comodo took no action whatsoever to block that malicious site. Later when i visited that same site using G-DATA antivirus it detected a virus known as Virus:    JS:Obfuscated-T [Trj] (Engine B).  But comodo antivirus fails to do anything. Why? I had comodo on real time on-access mode.

Moderator edit
Please do not post links to possible Malware on the open Forum.

If you have Malware samples please submit them here

Thank You
Dennis

[Ronny]

This FakeAV is currently under investigation of the AV Lab.

[Chaingun]

sthe exact thing happen to me about a month ago i was redirected to a fake online scan.it started without my permission and the av didnt detect it and im surprised that defense plus failed to alert me that a folder in program files was created sad realy and the folder name was windows police antivirus i think it was and the folder.i really dont feel secure with comodo anymore

[smage]

sthe exact thing happen to me about a month ago i was redirected to a fake online scan.it started without my permission and the av didnt detect it and im surprised that defense plus failed to alert me that a folder in program files was created sad realy and the folder name was windows police antivirus i think it was and the folder.i really dont feel secure with comodo anymore

I hope that someone would explain why did this rogue pass Defense+.

[OmeletGuy]

I have found that some exe's/files can get passed D+ in "Internet Security Mode", Proactive Mode can block them.


This is a known bug... will be fixed.

[smage]

I have found that some exe's/files can get passed D+ in "Internet Security Mode", Proactive Mode can block them.


This is a known bug... will be fixed.

Hi will it be fixed in v3 itself or we'll have to wait for v4?
This bug seems to represent a security risk for users using CIS with default configuration.

Thanks

[OmeletGuy]

As far as i know, it will be fixed in v4.

[smage]

As far as i know, it will be fixed in v4.

Ok thanks.
Keep up with the good work.

[amitjohar]

One thing that I have noticed which can solve this problem is to download AVG link scanner. AVG link scanner works with any antivirus.  Combining AVG link scanner with comodo will block all fake antivirus and bad websites from loading before they do any damage.

[Eric Cryptid]

Another temporary alternative is: Finjan SecureBrowsing ( http://securebrowsing.finjan.com/ )

[Tags:]