Was reviewing logs today and noticed that during or shortly after bootup on 7/13/10, Defense+ recorded the following event:
Target: C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
Flags: Access Memory
I do not recall any pop-up warnings of this event, so I’m assuming Defense+ was just recording one of many transactions that have occurred since I installed version 4.1.xxxxx… on or around 6/1/10. I looked at the entire Defense+ log. This particular event has never occurred before
So, I’m here asking you to verify this event was normal operation and not a threat. FYI, I scanned MSICC.tmp with AV. Zero threats found.
Before sending files, I was asking if the described event/components used are part of the normal functioning of CIS. After all, Defense+ recorded the event without notifying me that it might be a threat.
Example: Perhaps some component of CIS normally uses MSICC.tmp when it updates itself.
If you believe the event is suspicious, do you only want MSICC.tmp or cmdagent.exe as well?
I think what this could be anything. I can not say anything only by name of file.
So if you want to be sure in safety of this file “MSICC.tmp” you can pack it in ZIP, RAR etc. with password and post it here, i will check immediatly is it Malware or Safe file.