I use lates version CIS beta. I downloaded a file, run it and my PC is infected. I have AV ON, sandbox - FULLY VIRTUALIZED, HIPS - SAFE MODE. I run the file on purpose. I thought it will go to Sandbox. It did not happen. And My PC is infected.
Why was not the file taken to sandbox. It is marked as a virus only 8-10 AV on Virustotal. Comodo has it as clean.
Could it be possible to send the file to virustotal and post the link into this topic ?
Also, you can give me the binary throught PM so that I can test.
Basically, I don’t see any reason why it is in your trusted files…it is brand new (14 hours old) and is listed as unknown in Comodo’s cloud so it automatically goes to sandbox.
I am here again. I have the same problem today. I tried to run old infected file and CIS on my PC says - it is clean. Comodo on Virustotal marked this file as a trojan. I have the latest virus database.
Virustotal just uses CIS scanner but CIS on your system has whitelists too i.e a file goes through whitelists first & if it is whitelisted then it is not scanned so may be the file was in whitelists. VT only uses CIS scanner so thats why may be it was detected at VT.
For such case, a thread is there in the forum “submit malware that is whitelisted”
But for now, nothing shows that this is trusted malware.
You can also send me this file so that I test, but last time you sent me a file it correctly got sandboxed, don’t know why it didn’t on your system.
I disabled the AV & Cloud & it was autosandboxed & Fake AV Antivirus Pro Security appeared. I exited the Fake AV & restarted the system. After restart Fake AV didn’t appeared, neither was active in the memory.