I bet this file is safe, look at the first time it was seen on VT, 2006. And only 6 detections, only one of those vendors anti-vir is reputable and I can bet that it is a FP.
Ok i did the test on winxp 32bit updated till date 1GB of ram only CIS with default settings and time machine installed and these are the results
half the files are installers and mostly signed by trusted sources that’s why they are trusted
some files contain or download malwares during installation or execution and some are detected by CIS (see screenshot)
most of the files are detected by other vendors (check malware link below)
some files are not detected or are completely safe (check safe file link below)
some files are unknown to CIS and are sandboxed (see screenshot)
during the test the computers performance was not affected except for when “speederxp.exe” was executed inside the sandbox the computer came almost to a halt
So 16 out of 21 files are detected as malware. Are these really malware? And they were in Trusted Files coz of TVL? Its very tough to check the TVL. There should be a search function.
Yesterday I was testing CIS Suite Free latest on real system XP SP3. I ran 50 zeroday malware.
And yesterday I came to know why executing malware test is better than rightclick scan.
Out of 50 malware Comodo AV detected 27 & the amazing part was Comodo Cloud AV detected more 10 malware, so thats 37/50. Same samples tested against Kaspersky IS 2012 26/50. Others got popups & few missed.
But the reason of the post is here.
While testing a full screen malware appeared. I wasn’t able to get to the desktop. I tried alt + tab but was not possible. I tried to open KillSwitch as I have replaced taskmanager with KS. It initiated but started behind the fullscreen malware. I wasn’t able to get KillSwitch on top of full screen malware. Then again I was trying alt + tab I saw Comodo Cloud AV alert & it appeared on top of full screen malware. 4 alert were there & I clicked clean & the full screen malware was gone, great work by cloud av.
Nothing including KillSwitch was able to be on top of full screen malware but Cloud Alert was which solved the thing.
How Cloud Alert was able to appear on top of malware?
Why KillSwitch was not able to appear on top of malware? In this situation how can I access killswitch so that I can kill the malware?
Hi Naren. Thanks for the test and yes it is daft not having on top in killswitch enabled by default as these full screen malware are sneaky little devils and its only common sense in my opinion to have it enabled.Can you imagine the bother a less knowledgeable person would have if he was infected by such and did not have it enabled.
But I have the same malware, not full screen but rectangular window.
This malware does not allow me to take the cursor out of its window so I am not able to access KillSwitch when it is opened.
But if the KillSwitch position is not by the side of this malware window but on top of the malware then you can access KillSwitch & kill it i.e KillSwitch position should be on the top of malware when you open KillSwitch as the malware does not allows the cursor outside of its window & if KillSwitch position is by the side of malware when it is opened then you cant access KillSwitch.