Backdoor.Win32.Prosti.(~N5@42653872) Comodo keeps repeat finding & quarantining

Clare · February 19, 2011, 6:45pm

Hi

I am trying to find out if ‘Backdoor.Win32.Prosti.~N5@42653872’ that Comodo keeps finding and quarantining is a real threat, or a false positive?

Comodo states that the file is located in IOBit Security\is360srv.exe. (Comodo reported and quarantined the file on the 12th & 14th Feb and also today)

I have looked for the rejoice.dll file which apparantly should exist if the threat is real, but its not on my PC.

Also, If a file is quarantined, how can the same file keep being active a few days later on?

Can you help please?

rhgtyink · February 19, 2011, 6:53pm

Hi Clare,

Can you please post a False Positive report here:

on the Quarantine issue it looks like CIS fails to remove the file, probably fights with IObit.

Clare · February 19, 2011, 8:03pm

Just done

Can you tell me what happens now?

Many thanks!

elliotcroft · February 19, 2011, 8:06pm

You posted in the wrong topic.
Create a new topic in that section, don’t reply to an existing topic.
Looks like a moderator fixed it.

rhgtyink · February 19, 2011, 8:21pm

Someone from the AV labs will post in your thread that they’ll investigate if it’s malware.
And they will report back (normally within a few hours/day) if it’s FP or not and if they fixed it in version X of the DB.

Clare · February 19, 2011, 9:14pm

Many thanks for letting me know

rhgtyink · February 19, 2011, 9:45pm

Your welcome.

tartan · May 3, 2011, 3:00am

I have IO Bit Security and I got exactly the same thing. Comodo said it hadn’t found any threats but put Backdoor Win 32. Prosti in the log and said it had quarantined it but when I looked there was nothing in the quarantine. I had to uninstall the IO Bit hopefully that’s got rid of it