Yesterday I plugged a friend’s external HDD into my system. And as usual a scan with NOD32 revealed a virus in it (gtk.exe - a variant of Win32/Kryptik.BDR trojan). I tried to delete it in various ways and the result is below.
1st Try - Tried to clean with NOD32 and it offered to reboot in order to clean it. But after reboot it still exists.
2nd Try - In “Folder and search options” selected to show hidden files and OS files… But I was not able to view the file on the external drive.
3rd Try - Was able to view the file through GMER but it is unable to delete the file… it says some “invalid handle/file operation”… I don’t remember the exact alert.
4th and Final Try - Now it’s with Comodo. Added that particular offending file to “Blocked Files” and from there I clicked “Delete File” to permanently remove the file from the external disk… And guess the file successfully got deleted and verified with GMER file viewer.
Guess that virus (gtk.exe) has applied some strong mechanisms to hide and protect itself from viewing or deleting.
Yeah, even what I like to call department store antivirus users… The ones that purchase an antivirus suite because some sales associate recommends it… I have repaired and installed CIS on probably 50 PCs now for just the novice of users; most, after having an infected machine and not knowing something was being added to the system, don’t mind a pop-up or two. They tell me getting that pop-up is letting me know my computer’s protection is working.
Thanks to the Comodo team and all the great folks in the forums, keep up the good work.
I use Comodo backup on both my desktop and laptop. Recently, after stumbling across languy’s review of Comodo IS 5 on YouTube, I downloaded it into VMware and spent several days hunting nasties. I don’t usually test malware, so I went into warez, gaming and other sites downloading everything I could find. And, I picked up a few bugs of various kinds. Some were old, dating several years ago and some were fairly new.
Comodo caught everything (14 different types of malware). That isn’t a serious or heavy duty test, but it satisfied me that Comodo IS can protect against real, in the wild malware. I ran MBAM and Hitman Pro after and my VM was clean.
I’ve now got Comodo IS on mine and my wife’s machines. Great product, and I like the layered security approach of sandbox, antivirus and Defense +. Why bother with 3 separate pieces of software when you can get 3 in one package?
I personally like the all-in-one approach, but I know there are those that prefer to have each component from a different vendor. The theory being that if someone has discovered a security hole in one product, it’s possible the other products will still keep you protected.
I used to keep several other on-demand AV and malware scanners installed for a second opinion because I just wasn’t sure how the young AV would perform. I’ve since uninstalled all but Malwarebytes and SUPERAntiSpyware because I’ve never encountered anything that led me to believe CIS isn’t capable of protecting my system.
Even before the AV was introduced, the firewall with D+ never let anything through.
Yes, I have noticed most people that don’t care for a few pop-ups are the ones that have never experienced something major on their systems. However, all the ones I know of that have had some type of malicious software infect their PC, making more problems than 2 or 3 pop-ups here and there, like having that peace of mind that they’re protected.
I think people panic when they see a pop-up. I’ve watched that happen with my wife. Then, she clicks the pop-up without reading it. I just a few minutes ago put Comodo IS 5 on her computer and used Languy’s settings. So, she shouldn’t get any pop-ups, or very few.
If the popup is informative, I don’t mind them - as long as they don’t overwhelm me to the point that I spend all my time clicking ‘allow’ or ‘deny’ rather than doing what I want to be doing. I have tested firewalls that initially flood you with questions. Happily, you don’t see very many like that any more.