After every scan with COMODO Cleaning Essentials a number of “Rootkit.HiddenFiles” were found in the folder ‘\RSA\MachineKeys’. They were removed but after every start-up they were back again.
I went to the forum ‘HijackThis’ and followed several instructions over several consecutive days.
In the end the conclusion was that these must be files that Microsoft make themselves, so it has to be a “False Positive” of COMODO Cleaning Essentials.
Is anything known about this?
I agree they are more than likely false positives. This is what Microsoft says about the files in that folder:
The MachineKeys folder stores certificate pair keys for both the computer and users. Both Certificate services and Internet Explorer use this folder.
It’s probably best to submit the f/p’s in https://forums.comodo.com/av-false-positivenegative-detection-reporting/submit-malware-here-to-be-blacklisted-2013-no-live-malware-t89868.0.html. I asked the other mods if that’s where to report them.