Is it possible that the file is mistakenly listed as trusted in the file list? Or an auto-sandbox rule to ignore the executable? Any HIPS and or firewall application rule defined for the file in question?
-no msw.exe entry in the File Rating List
-no msw.exe autosandbox entry : I only have a few apps/games there that I have specifically ignored
becaused I knew they were harmless (an old game and a sysinfo utility, which have been scanned with third party
AV engines, so they are safe)
-block malicious apps
-block suspicious locations
-run All unknown apps virtually
-sandbox unknown shared space binaries
-run sandboxed folders virtually
Basically stock settings (with the apps I specifically allowed), but no msw.exe anywhere…
I have yet again manually scanned the file - while I had checked and i had no file exclusions in settings.
File reported clean.
Here is CAMAS result on the file (I have scanned it again to see if there was something new to report):
If there is someone that has tested the file and it got caught/isolated automatically, I would really
appreciate if they PM me with their comodo config to see where the flaw resides in mine.
I reckon that if this file doesn’t get caught from my side and it gets caught at other people’s side, then
it may be something wrong with my config that could prevent effective protection with similar/other
incidents in the future for me. I have tried resetting the config/applying presets, still it didn’t work.
Any tips would be helpful.
Can you send me the file so I can test it? Also if you want re-installing CIS should help in case you have a corrupted install that the diagnostic doesn’t detect, btw have you ran a diagnostic report from within CIS? What version of CIS and windows are you running?