Earlier a few hours ago, Comodo started asking me about a few files.
Comodo doesn’t recognize several Windows files
Also, Excel was flagged for a global hook. I denied that. Then Paint wanted to do some weird things and I denied that. I tried opening Paint for a screenshot, and it also asked me for unlimited access. A few windows files have been unrecognized now by Comodo:
C:\Windows\system32\UI0Detect.exe (I have this sandboxed and running as partially limited)
Looks like I’m infected?
I’m trying to run the psc-exam.exe tool from the Comodo forum and i get this: psc-exam.exe is trying to execute cmd.exe. cmd.exe is a new executable and could not be recognized (???). Should I run it? Why is it “new”? Did something replace a bunch of my system files? ???
And right now it can’t recognize Skype.exe anymore. I didn’t touch anything within Comodo or change any settings
A few times, some programs have said that they want to access the DNS/RPC Client service. I am wondering, did I just maybe somehow accidently set Comodo to some higher setting? And all this stuff is normal? But then again, how is it that files aren’t being recognized anymore?
Sounds like you may have put D+ into Paranoid mode…
Thanks - I just checked, it’s in Safe Mode. I wish I knew what was going on, it’s never done anything like this
Also I ran that tool, and at the end I opened up notepad. Of course, just like everything else, notepad isn’t recognized, and Comodo says notepad wanted Direct Keyboard Access.
What is the normal setting that everyone runs at? Does it sound normal that at Safe Mode I should be getting these alerts?
Could it be because I sandboxed UI0Detect.exe? It is partially limited. I can’t figure out how to unsandbox it.
do you have the “block all unknown request if the application is closed” enabled under defense +?
[attachment deleted by admin]
Thank you. It’s unchecked. That screen shows Safe Mode and none of the options are checked.
ok good cuz many people will enable that and it has the same effect as you described. it will sandbox and block windows files.
have you tried running malwarebytes just to see if you are infected?
It sounds like there could be a problem with the TVL. Perhaps it’s no longer recognizing Windows.
Can you please go to one of those files and upload it to VirusTotal. Then copy the SHA1 and search here by SHA1. Please post a link to the results.
I had the same problem, I solved it. after an internet explorer uupdate that somehow enable windows firewall whick bloked comodo.
solution: go the window firewall/allow program through windows firewall. and add comodo.