Hello, i have one question for HIPS and one for Viruscope.
The product KCSoftwares SUMo is benign and it’s installer is detected as Generic.Infector.5. This product releases updates maybe once or twice a month. Why it is still detected when i have selected Ignore and Report as False Positive 5 times in a period of 4 months?
Second, could someone explain me what exactly is the need of such a notification when i can safely allow it? Why doesn’t Comodo allow it for me when it’s safe? See the screenshots.
Third, the upload folder at the forum is full. Could someone tell me the username of the forum admin?
Because when you choose to trust the file it only applies to that specific file (its file hash) so the next time you run a different version of the installer its ‘unrecognized’ and thus will be monitored by Viruscope. If the developer digitally signs their installers you can add its signature to your local trusted vendors list in file rating settings. Viruscope is Comodo version of a behavior blocker in that it will recognize certain activity and warn when such activity occurs, in your situation Generic.Infector.5 is Move (not copy) self to other folder and set registry value in autorun key to self. You can learn more about Viruscope and its recognizers here. Do note that recognizer only applies to processes that are rated as unknown or unrecognized, so a trusted process will not produce a viruscope recognizer alert even if that trusted file performs a recognizer activity.
Second, could someone explain me what exactly is the need of such a notification when i can safely allow it? Why doesn't Comodo allow it for me when it's safe? See the [url=http://imgur.com/a/NkjwC]screenshots[/url].
same as above.
Third, the upload folder at the forum is full. Could someone tell me the username of the forum admin?
yeah I don't know whats up with that and I'm sure comodo knows about it and so do some of the global moderators, but I don't know when this is going to be fixed.