Hi,
Am back with the next in this series of “issues” with Pending Files. I note, in passing, that the malware analysis and reporting functions have not removed either file from the pending list, and the Lookup process also is not working, yet. Symptoms are the same as in my previous topic, ‘CIS “My Pending Files” Submittal and Lookup Has Problems’. I also note that the Remove button works; I removed filename ssleay32.dll because it has been cleared by VirusTotal. And so, on to the next “issue.”
The AV has been logging quite a number of “things” and some have been quarantined or removed, without intervention by Comodo. But not all, there are recurring “Detections”, but the files detected have not been moved into My Pending Files as expected. One of those was an older version v2.5.1, of the Yahoo browser helper/toolbar. I expect that this file is unnecessary because there are 3 newer versions of the Yahoo toolbar
I decided to submit this file to Comodo for analysis and used the Add button on the My Pending Files window to get and submit the file. I browsed the Add dialog box to the file and selected it, and it showed up in the right-hand side. Clicked on the Apply button, and the dialog immediately closed, and the selected file did not appear in the My Pending Files list window. Again, same actions, same result. Unfortunate…
Looks like I will need to submit the files to VirusTotal again, outside of the CIS. Hope you all can fix this.
It’s fastest to submit suspicious files and false positives to Comodo through this link:
It sounds from your post like the yahoo toolbar may have been detected. This is probably a false positive. Submit it as a false positive and they’ll let you know after their analysis.
Also, if your computer is infected it’s always better to scan it with more than one anti-malware application. A few of my favorite are given here:
https://forums.comodo.com/virusmalware-removal-assistance/everything-you-need-to-know-about-removing-infections-and-securing-your-computer-t56725.0.html;msg398789#msg398789
I don’t usually do much with the pending files button, so I can’t comment on most of your problems. I usually just investigate the file and either add it to the safe files list or just delete it. My methodology for doing this is given here:
How To Tell If A File Is Malicious
Files detected by the AV will be automatically moved to the quarantine if the option is checked under Real Time Scanning to “Automatically quarantine threats found during scanning”.
Sorry for all the links. Once I get started it’s quite difficult to stop me. ;D
Chiron, no problem, I like the links and your thorough discussions. I can learn from those,
Offering a comment in return, I can say that I have CIS AV set to auto-quarantine the top two threat categories in severity of threat. I thought that this Yahoo thing might be a false positive, so I wanted to keep it where I could reach it, to scan it with other malware apps. I don’t know how to retrieve the thing from quarantine, I don’t think that I have seen a window that facilitates un-quarantining anything. If you have a link for that, I would welcome it. I would scan it with Ad-Aware and Microsoft Security Essentials. In your opinion, are those enough, and are they “good” enough? I could reinstall Spybot, maybe.
Thank you very much.
As Comodo Antivirus currently does not even give you the severity of the threat I don’t think you have this enabled. All you can do is either have it quarantine whatever it finds, or not. You can also change the heuristic scanning level.
Try my advice here:
https://forums.comodo.com/av-false-positivenegative-detection-reporting/netgear-modem-software-google-toolbar-updater-fp-t58464.0.html;msg409457#msg409457
I’m not a fan of Ad-Aware or Spybot. I prefer the scanners I mention here:
https://forums.comodo.com/virusmalware-removal-assistance/everything-you-need-to-know-about-removing-infections-and-securing-your-computer-t56725.0.html;msg398789#msg398789
Let me know if you need anything else.
Hi, Chiron,
you were right, I was thinking of the 4 levels in M$SE. But, I had CIS set to quarantine, and it isn’t quarantining automatically upon detection, either. That’s what happens when i am up late, too late, updating and documenting and reporting on this stuff. I was relying on memory, that grows faint when it’s this late. It’s too late to say more, will try to get back tomorrow (Sunday). thanks for the suggestions, I will check them out. Goodnight.