Re:Comodo Internet Security Does NOT Detect EliteKeylogger by Widestep

SamanthaBewley · January 9, 2009, 10:59am

Comodo Internet Security Does NOT Detect EliteKeylogger by Widestep

**** (link removed by moderator)

Comodo Internet Security does not detect Elite Keylogger made by a Russian Software Company.
It does not remove it either can this be fixed?

As Comodo is useless in this regard,
I like its othe feature though

Thanks,

Samantha

Little_Mac · January 10, 2009, 3:45pm

Samantha,

Did you install the software and attempt to find it with the AV scanner, or was the software on your system without your knowledge?

I understand that the keylogger is designed to not be detected as such by scanners. However, if CIS is already installed and properly configured, it will not only allow you to block the installation of such software, but block all activity if the keylogger is somehow otherwise installed.

Keyloggers have to take certain actions in order to do their work, and CIS will detect and prompt the user to block those. These include (but are not limited to) directly accessing the screen/monitor and keyboard.

Even if CAVS does not have definitions to allow the detection of this software, you can still Quarantine it. If you know the specific files you need to quarantine, you can open the “Quarantined Items” in the Antivirus tab, and click the “Add” button. Then path out to the necessary file. Repeat as needed.

The Miscellaneous tab in CIS has a “Submit Suspicious Files” feature which will allow you to send the files to Comodo for analysis. This way they can be added specifically to the malware definitions updates.

Hope that helps,

LM

devenroy · January 10, 2009, 4:01pm

if keyloggers are detected by CIS it will add extra protection… so plz can u add this feature in CIS (CNY)

fazio93 · January 10, 2009, 4:05pm

They are detected.

Make sure D+ > Advanced > D+ Settings > Monitor Settings > “Keyboard” is checked.

Also, not sure about this but I think the AV database contains keylogger sigs.

LeoniAquila · January 10, 2009, 4:09pm

Yep, it should detect all kind of malware.

ganda · January 10, 2009, 4:53pm

hi (:WAV)
ehm (:NRD)
could you pls post the screenshots of your
D+ rules (D+/advanced/computer security policy)
&
list of active process (D+/common taks/view active process list)?
(:NRD)
If you don’t know how to make screenshots, please take a look at this

Thanks

ganda