The S.M.A.R.T. Check virus - very, very, vicious - is NOT stopped by Comodo. It’s on my main computer now, I’m writing from another computer. This virus moves essential system files to the TEMP folder. When the virus started doing this, Comodo alerted me to viruses in the TEMP folder and advised me to delete these files WHICH I DID, so I’m totally ■■■■■■■.
Comodo, you MUST fix this huge gap in your anti-virus program. I currently HATE you.
I’ve been trying to get this off my computer for hours now. It involves a rootkit, I can’t boot into Safe Mode. It’s a catastrophe.
Hoping topic starter can provide us with a sample so we can see how it is capable of bypassing or not.
What sites you visit to get infected with this?
That’s not relevant if not a derogatory comment. Notice that infections also happen from compromised sites with no malicious intent. Since big corporation’s sites are better protected hackers are now opting for compromising sites of small and medium sized businesses.
Ok initial analysis. AV detects it. I disable the av and cloud functions.
Second thing you see is that D+ heuristics identifies the threat. see first pic.
I select sandbox. Program fails to install. Reboot and all is clear. Verified with MBAM
The only way this bypasses CIS is if you select allow or have changed the settings in such a way that it was able to bypass. I I changed was the firewall setting so that it would ask me and turned off the cloud functions/AV.
