Today Ive been kinda bored and downloaded some samples that I later sent to comodo… (I send samples that are UD when heuristic is off…)
However, I do scan samples with heuristic on as well (just to see how many more are found…) :)… And when I do I get findings like “TrojWare.Win32.TrojanDownloader.Agent.~JBD@31855190”
My question is simple…
Is that a naming for heuristic findings?? :-\ :o It sounds like a signature finding and perhaps something that should be detected even with heuristic off?
Yes correct… Scanning the file with no heuristic and there is no warning about a infected file… When I turn on heuristic and rescan the file I get a “infected file” warning with that alert… :-TU
I think Ive seen similar stuff before as well but never really thought about it… I think its a weird naming for heuristic findings… :o
Hi,
They do use highest heuristic mode as per information we have.
We will have to investigate this case.
This is basically Heur.Suspicious case, where name has been changed. We are going to make it available as standard detection where it will detect when heuristic is off as well.
It was not added as a definition… =/ A lot of files I send don’t get added… at least not in days… (the example sample was sent yesterday guess thats nothing to complain about) 88) 88) But your goal is to be quick?? Some files I sent through CIMA weeks/long back has not been added either. Perhaps some are false Positives… But there is a lot of files other (scanners) say are bad that comodo simply do not add at all… Just wanted to inform you about that…