Reporting Malware (ZeroAccess)


I’m sorry for this hit and run post if it’s not in the correct forum. It’s because I won’t be active here. Just this thread I guess. I just want to say that I’m not satisfied with these results…

My OS: Windows Server 2012 for Datacenters (Malwarefree and legal copy from MSDN)
Evaluating: Comodo Endpoint Security Manager Free - 10 endpoints, fully featured trial
Browser: Dell KACE Security Browser (Download Trials and Freeware Software)
Ethernet: 100 mbps down, 10 mbps up


UAC: Yes
Firewall: Windows
HIPS: Yes, by CESM
Updates: All updates

  • Windows
  • Comodo


Link: Risk Detected

NOT detecting:

  • HIPS not responsive
  • ESET Online Scanner ( (1 full scan used)
  • Sophos Virus Removal Tool
  • Quick scan by Comodo AV for Servers (included in Endpoint Manager)
  • Full scan by Comodo AV for Servers (included in Endpoint Manager)
  • Cloud Scan freezing or not being responsive (or just extremly slow)

Extra info:

  • Browser Virtualization by Dell browser doesn’t seems to work out correctly. So you can count on it’s not a working virtualized solution.

Detecting: McAfee Rootkit Remover (Antivirus, VPN, Identity & Privacy Protection | McAfee)

Just to say… This is just a low level threat. BUT if Comodo isn’t responsive to this threat it may not be responsive on any Blackhole Exploit Kit (or similar) malware that take advantage of browser security. This is crucial.

[attachment deleted by admin]

Do I understand correctly you had an infection in your system which was not found when scanning with Comodo, Eset and Sophos? Only McAfee found it?

I assume that your system was infected before you installed Comodo AV. Is that correct?

Please notice that a HIPS is about preventing. Once you allowed malware after HIPS alerts there is nothing a HIPS can do. It is then to the detection based layer.

Hi SectorA,

Could you please run Comodo Cleaning Essentials on that box? Comodo Cleaning Essentials | Download Free Malware Removal

Please take great care when modifying files on a server though.

Please advise your findings…

Thank you,