Recent Posts

Pages: [1] 2 3 ... 10
1
This is file-less malware feature, where when commands are passed to some interpreters, in your case powershell, CIS creates a temporary file under 'P:\ProgramData\Comodo\Cis\tempscrpt' and executes under Sandbox.

We already improvised message in CCAV so you could see as which is the origin application that was responsible for launching commands on interpreter.

Since April 23 CIS is starting a powershell script several times per hour. Umesh, what is it for?

It runs from P:\ProgramData\Comodo\Cis\tempscrpt and is named C_powershell.exe_A58C59F8D833AE24E2A5BFBE578E325AC5F8AD0A.ps1. It creates two temp files, will create a start up in P:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\PowerShell with name StartupProfileData-NonInteractive , and it will also change HKSUS\DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs key several times in the process.

See attached image.
2
Since April 23 CIS is starting a powershell script several times per hour. Umesh, what is it for?

It runs from P:\ProgramData\Comodo\Cis\tempscrpt and is named C_powershell.exe_A58C59F8D833AE24E2A5BFBE578E325AC5F8AD0A.ps1. It creates two temp files, will create a start up in P:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\PowerShell with name StartupProfileData-NonInteractive , and it will also change HKSUS\DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs key several times in the process.

See attached image.
3
Have you tinkered with under the hood settings of CID in the past or have an extension installed that could interfere?
4
Comodo Mobile Security - CMS / Re: False Positives Thread
« Last post by hippiemaster on Today at 09:15:20 AM »
I found the following link and submited a false positive report and got the following reply:
http://www.comodo.com/home/internet-security/submit.php

Hi,
This is to inform you that false-positive has been fixed for
SHA1:eda6930d0fe8f6cd7a5c319a83a22fbd4fc01adf
And it will be reflected in AV database Version <69> of Comodo Mobile Security.


So, I guess issue is resolved. Thanks a lot
6
Help - CD / Re: cannot sign in to Google Sync in settings now
« Last post by cybernautilus on Today at 05:15:07 AM »
Issue continues to remain unresolved while folks here are patting each other on their backs!

Hey, Comodo used to be nice, you know? That's the reason a lot of us installed it.

I know we're all freeloaders but if things aren't gonna work smoothly then we're gonna leave...

Not only am I experiencing the same trouble reported at the head of this thread, but the CD on my Win 7 64 bit PC updates like a few versions behind the rest of the world?! It shows 58.something when 60 was released back in March. And I do have it set to update automatically. So what gives, eh?

Well... I registered specifically to air my grievances.

But with CID having gone Quantum without warning breaking many useful but old extensions and now, this! I'm on the verge of abandoning both for PaleMoon and Vivaldi which I already have as backups on my computer.

I used to have the entire Comodo CIS at one point but with it lording over my PC's resources and causing inexplicable frequent BSoDs recently, I had to take those off to effectively stop the BSoDs.

Yeah, I know, that was some rant. But too much change in too short a time can do that you know? Hoping that Comodo returns to the good 'old' days of being useful and responsive to their loyal installed base... No harm in dreaming!
7
Comodo Mobile Security - CMS / Re: False Positives Thread
« Last post by hippiemaster on Today at 03:23:00 AM »
I know it's an old post, but I couldn't see any point in starting a new one. Where can I report false positives for comodo mobile security?

My cms detected a game from playstore called "Davey's Mystery" as malware. It is a quite popular game with very good reviews. Please advice.

https://play.google.com/store/apps/details?id=com.echolake.daveysmystery
8
News / Announcements / Feedback - CIS / Re: The most missing features
« Last post by JakeGreen on Today at 02:48:35 AM »
CCE has boot time scanning and can be installed either as a standalone or running clean endpoint task. You shouldn't be installing CIS on an already infected or damaged system.  And finally had everyone who request these features actually took the time to either read the help or used the product would know that CIS does have a process activity monitor in virusscope. All you have to do is run an application in containment then view the active process list task, then right-click on the contained process and click show activities.

What I meant by boot scanning is not restarting windows, loading windows and continuing scanning, but pre-Windows environment, usually Linux. CCE boot DVD comes as exact thing, it loads before windows. The one installed with CIS, loads Windows and continues scanning. I am not saying CCE is not super effective, just that this could be improved upon.


SFC /scannow will replace any damaged Windows system files, this comes with every Windows install
Which is not always successful. Hence cloud files restoration in pre-boot environment.
9
SFC /scannow will replace any damaged Windows system files, this comes with every Windows install
10
Hi,Felipe Oliveira

Thank you for your submission.
We'll check them and if found to be malware detection will be added.

Best regards
Chunli.chen
Pages: [1] 2 3 ... 10
Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek