The alert window is covered by the malware

FVS report:

Please add an item to the settings of CIS,

“the alert window is always on top.”

[attachment deleted by admin]

I agree with you, CIS’ alert should have the highest priority :-TU

hi guys

I apologize for my English

Morphiusz —2011-08-11 01:41:00---- Trojan blocker

nunomiguel1975— 2011-08-13 07:47:13— danger--------very inportant------- lock pc Trojan blocker ---- Final Result: Malware

program are executed 08/15/2011— xxx_video.exe

run program does not detect viruses

The alert window is covered by the malware

[attachment deleted by admin]

This is a very very nasty russian ransomware…someone suggested CIS should advertise user that an application wants to run in full screen mode (the tipical ransomware strategy to inhibit any termination attempt), to avoid these problems…even because if I remember properly, this malware prevents task manager and windows safe mode to work…

I see this as a major problem that Comodo must address. I had the same issue when testing CIS 5.8 Beta.

Here was my recommendation:
“Comodo needs to find a way to prevent a sandboxed malware from taking focus (full screen or not). When this happens, it often makes the PC unusable, especially when an undetected malware goes full screen (an undetected malware can take focus even after reboot). In my case, the heuristics detected the malware, and even though I blocked it, it ran in the sandbox and stole focus.”

Many users have requested a “full screen/steal focus” warning. Hopefully Comodo will find a way to address this!

Hey does anyone have a sample of this ransomeware? If so send it via PM. Please :slight_smile:

Hi TurboRO,
Kjdemuth is a member of the MRG and he wasn’t asking for it to be posted on the Forum, he was asking for it via PM most likely for research purposes.

Sorry TurboRO. I didn’t want it to be posted just wanted a PM for a sample of it. I couldn’t find a sample of it anywhere. It’s sad when you want to get infected but can’t. I’m aware of the forum policy, next time I won’t post it in a thread.
Yes I was looking for it for research. Thanks captainsticks.

I see no problem with disseminating a malware by pm in the public part of the forums. That’s a standing practice.