Please post your screenshots of KillSwitch

It’s F+!
I know that because that program has been done by some guys from one of the tech/security forums.

I didn’t say it isn’t an FP, and I don’t doubt it. Just wanted to see which AV detected it. :slight_smile:

Here is mine. stacv.exe is safe in the cloud via CIS…

I’ve reported the other one, but of course note the number of processes that I’m running :smiley: and compare it to the number of unknown objects. That’s awesome :wink: It wasn’t like that the last time I checked a couple of weeks ago, but thanks to this terrific community and the hard work of Comodo’s employees that became a reality.

I infected a VirtualBox with ProRat and CES found it in both the scan and KillSwitch :-TU

Edit: While CES did detect the virus files, it failed to disinfect, and KillSwitch couldn’t kill the process.

On my computer KillSwitch was blank, which I assume is good ;D

Wait, did you use VirtualBox or VMware?

I’m not sure, but there are probably also limitations for CCE in VirtualBox just like there are for CIS.

I used VirtualBox; that’s probably why it didn’t remove it? The VB has no AV of any kind, freshly installed.

Hopefully.

Please run the test again in VMware and see if it still can’t be cleaned. If not, then please PM the sample to one of the staff, or a mod.

Thanks.

I have just installed VMware but I don’t have time tonight. I will run the same test I did in VB and post back with the results.

Is there any way I should PM the sample (should I need to)? A zip or whatever?

You can upload it here and PM the link. Placing it in a zip file first is also probably a good idea.

Running the same test again, CES removed the virus, but it also picked up

IDMan.exe

CIS also picks this up as a suspicious file; I believe it’s a false positive.

camas.comodo.com

http://camas.comodo.com/cgi-bin/submit?file=5493d4aae73fc77c9aad7620fa310c354c7e136a9ec94b4756801e28b22f88e7

VirusTotal

http://www.virustotal.com/file-scan/report.html?id=5493d4aae73fc77c9aad7620fa310c354c7e136a9ec94b4756801e28b22f88e7-1296640360

IDman.exe is trusted and whitelisted by Comodo. I had no problem installing it. I believe that you are using a “modified :wink:” version of it =D

That could be very likely; I just downloaded an XP ISO just for testing.

I love this tool.

Here’s mine!

Gadu-Gadu (GG Network S.A.) is a Polish communicator. This application is safe.

So what should happen is that the file will be uploaded and checked out; once it comes clean it will be listed as safe. KillSwitch is just saying it’s an unknown file is all, nothing wrong with that. I’m sure it will be added as safe at some point.

Hi

Any ideas what these 2 suspicious items are under the “Services” tab? :o Btw, the “Process” tab comes up clean.

:slight_smile:

Edit: Should note this is a tablet rather than a desktop computer or laptop. Hidden service looks suspect though.

Have you run Gmer for example?

This looks like a temporary driver loaded to scan, like Gmer does (and CCE also; the previous version had a bug here in removing this leftover entry after a scan).

Hi Ronny

Have just downloaded and run GMER. Have looked under “Services” and “Malware/Rootkit” tabs. Can’t see either of these listed.

:slight_smile:

Ah no, sorry for the confusion; GMER causes such a temporary entry in your system registry.
So if you scan again with KS then chances are that another entry shows up now…