I want to execute a Nirsoft utility, which I am confident doe not contain Malware. But Comodo keeps intercepting my attempts to run this program and stopping me from running it, saying it does contain Malware.
When the warning box pops-up, it does not offer any detailed information, nor the option to exclude this program/file from Comodo monitoring.
And if I move the cursor, the Comodo box disappears, which is less than useful.
I can’t run the program and I can’t bypass Comodo.
I looked at the AV log and like all Comodo logs, it sucks. I see that the program was quarantined but I don’t see any way to move it out of quarantine or exclude it from Comodo monitoring.
This functionality used to be in previous Comodo AV releases but apparently has been removed.
OK, I found how to get it out of quarantine. At the bottom of the Comodo main window is a row of icons. One is titled “View Quarantine”.
If you click on that, you can move it out of quarantine AND exclude it from future action.
But I should have been given the option to choose whether I wanted it to go to quarantine or be excluded form monitoring when Comodo first picked up the possible threat. However, instead, Comodo moved the program into quarantine and disappeared the pop-up warning with no options for me to choose differently. This is wrong in many ways!
I think the problem was that Comodo default checks “Do not show antivirus alerts”, which when checked defaults to two possible actions - Quarantine or Block.
I unchecked that setting. I am hoping that enables some choice for me the next time a possible threat is discovered.
The help file was not of any use as it doesn’t explain the options in any details.
Also, there is no help available on the advanced settings pages. Why not? F1 should be enabled!
This is to inform you that we checked the application and found it to be potentially unsafe. However detection name will be changed to ApplicUnsaf.Win32.ProductKeyFinder.~A.
If you wish to further use this application you can add it to your “Exclusions” list
Someone would have to first gain access to my computer to do so.
Based on this guess, I would venture that the program should not be considered unsafe to someone using a secure system. Perhaps Comodo should modify “scare” msgs like these to note this distinction.
Based on this guess, I would venture that the program should not be considered unsafe to someone using a secure system. Perhaps Comodo should modify "scare" msgs like these to note this distinction.
It is hard to distinguish useful tools that connect to the OS deeply from malware sometimes. Comodo does not provide a virus database of some sort and lacks differentiation in malware names. Usually people running tools like this are advanced users who know their tools to be trustworthy and like you will report it as f/p.