AV scan 1/23/2011

I don’t think AV is doing it’s job. Yesterday I ran MBAM, Super Anti Spyware and Hitman Pro and they were all clean except for a few tracking cookies. This morning CIS scheduled scan ran and it came up with threats. Why isn’t Comodo stopping them?

[attachment deleted by admin]

When you see the results these files are only sitting on the hd and are not running in memory. That means you are not infected.

The catch with CIS is that the sandbox will stop almost every malware from breaching system integrity; in short it can not start up or tamper with other files. When a malware is sandboxed it should be gone after a reboot.

The Comodo sandbox has two objectives. Isolate malware and keep system integrity. The other target is to let non whitelisted regular files run normally.

These two objectives result in that CIS will allow malware to drop files. But these files are just sitting on your hd and should not be started with Windows.

If you find malware that survives rebooting please let us know. Comodo is very interested in those.

Thanks for the reply EricJH. I would have no problem if thewy indeed showed up in sandbox burt they didn’t.

Submit the files following the steps mentioned in this thread to determine if the files are false positives or not.
How to report False Positives - Please read this before submitting !