bypass comodo v5.10 (.hta file)

1.I open the url with opera.

2.I open the url with IE 8.

After that, comodo does not popup any alert window.

3.I check the active process list.

comodo trusts the malware.

4.I check the autoruns.


Windows XP SP3 32bit

IE 8.0.6001.18702

the configuration is “internet security”

can you send me the simple

What effect where left after a reboot?

The process is still active.

process tree:
svchost.exe → mshta.exe → wmMsgSvr.exe( wscript.exe)

(1) mshta.exe created an autorun entry

2012-06-03 21:38:48 C:\WINDOWS\system32\mshta.exe Modify Key HKUS\S-1-5-21-448539723-261903793-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Run\opposf Passace

(2) comodo did not sandbox the process, mshta.exe

(3)the service for the svchost.exe is “DCOM Server Process Launcher”

Can you please send me a link to the site?