Did you install the software and attempt to find it with the AV scanner, or was the software on your system without your knowledge?
I understand that the keylogger is designed to not be detected as such by scanners. However, if CIS is already installed and properly configured, it will not only allow you to block the installation of such software, but block all activity if the keylogger is somehow otherwise installed.
Keyloggers have to take certain actions in order to do their work, and CIS will detect and prompt the user to block those. These include (but are not limited to) directly accessing the screen/monitor and keyboard.
Even if CAVS does not have definitions to allow the detection of this software, you can still Quarantine it. If you know the specific files you need to quarantine, you can open the “Quarantined Items” in the Antivirus tab, and click the “Add” button. Then path out to the necessary file. Repeat as needed.
The Miscellaneous tab in CIS has a “Submit Suspicious Files” feature which will allow you to send the files to Comodo for analysis. This way they can be added specifically to the malware definitions updates.
hi (:WAV)
ehm (:NRD)
could you pls post the screenshots of your
D+ rules (D+/advanced/computer security policy)
&
list of active process (D+/common taks/view active process list)?
(:NRD)
If you don’t know how to make screenshots, please take a look at this