Hello, I’ve recently realized that there are some malicious processes that CCS does not see. I’m not talking about the ones that can’t be analyzed or that aren’t found to be malicious. This is a different problem altogether. I’m talking about the malicious processes that can be seen in the task manager but don’t appear when you scan with CCS.
Please post the information requested below so that we can help to improve CCS.
- Your Operating System (32 or 64 bit) and Service Pack revision. Also state whether it’s a virtual machine or the physical system.
- The version of CCS you’re using
- Other Security and Utility Software Installed
- The link to the Virustotal results for the malware
- The link to the CIMA results for the malware
So if you’re going to be testing antivirus applications, or anything like that, then please perform a scan with CCS afterwards and see what it finds. I believe that the more malicious files that bypass CCS we report the better the program will become. I’ve already reported one file here. I’m also curious to see how much malware there is out there that completely bypasses CCS.
I am no longer able to locate any malware that is unseen by CCS as per the newest version. Please let me know if you find any.
I ran this on a Windows XP virtual machine and tried getting rid of it using Comodo Cloud Scanner, Hitman Pro, Malwarebytes, Online Armor Cloudscan, McAfee Removal Tool, and Threatfire, and the one that got rid of this nasty rogue was Norton Power Eraser.
The only hit it got on Virustotal was from F-Secure, and CIMA doesn’t detect it.
- Your Operating System (32 or 64 bit) and Service Pack revision. Also state whether it’s a virtual machine or the physical system.
Windows XP SP3 (32 bit) Virtual Machine
- The version of CCS you’re using
CCS 2.0.162151.21
- Other Security and Utility Software Installed
COMODO Internet Security 5.0.162636.1135
- The link to the Virustotal results for the malware
http://www.virustotal.com/file-scan/report.html?id=f46dab5f31b2088acf834581408309b7a7e3a95185dc2e5ec86757b7eb225167-1284725442#
- The link to the CIMA results for the malware
http://camas.comodo.com/cgi-bin/submit?file=08b6f3ec3171995a4c96a8ba316543ca299502a3a5d8eecd6e37e3cf01cb7ae3
This topic actually wasn’t about whether CCS could detect a running process as suspicious or not. It was about whether the process itself shows up when you run a quick scan with CCS. I compared the malware process as seen in the task manager and checked if it showed up in the CCS scan.
Did you have a problem with that?
Also, I don’t think CIMA can detect rogues because they usually operate just like ordinary programs do. I could be wrong.