I would like to see a feature that gives cavs the possibility to check the quarantine folder after each update, in this way the quarantine folder gets scanned and compared with the updates and sig database to see if there has been quarantined legitimate files and programs.
Also I would like to see the ability to right click found threats and send them to comodo to let them examine the files and see if it is a false positive.
I just add them to the exception list and forget about it. The first file is not detected by the VirusTotal v1211. I have the same definition and it’s detected (of course I have everything set to high though).
It’s a small file (13kbs). It simply connects to mvps.org and downloads/replaces the HOST file with the current version. I know a lot of the AV’s detect it as a Trojan, but I feel they are FP’s.
Comodo says it connects to TCP 209.68.48.119:80 (msvp’s site). No other connections to the outside world. It does indeed update the HOST file, and I have yet to see any additional processes execute when running it.
from what I can find it does what it says, so I would label it at a potentially unwanted program, the main problem is that it can be combined with other malware to really mess up your system.