Viruses quaratined but cant find them.

I was informed by a crtical area scan of three threats:
The threat found was “Rootkit.Hiddenfile[at]0”
Comodo didnt detect them at all or anything so im confused about them, unless they arent viruses and I have my heuristics scanning level too high, its currently at medium. I have Comodo set to automatically place threats found in quarantine yet when I went to look in there the threats were not there

Any suggestions?


Also I need to add in that the Scan results never showed up after the scan so that had me concerned.

I had a somewhat similar situation regarding a virus threat received via e-mail. When I double clicked on the attached file, Comodo immediately warned me of a virus threat and indicated that the file had been quarantined. But when I check quarantine, there is nothing there. Also, when I check the event log, there is nothing there. So I would be curious on how your situation is resolved.

At Jokervirus. With Heuristics set to high CIS will get very chatty.

I am pretty much convinced that what you are seeing are false positives as these files belonging to the indexing service of Windows .

I am not familiar with the rootkit scanning techniques being used. A technique for rootkit scanning is to do a regular scan using the standard disk access methods as provided by Windows and then using a homegrown direct disk access technique and look for differences or vice versa.

A disadvantage of such a method is that when files get deleted/created between the two tests it will create false positives. If the file was deleted then there is nothing to delete after it was “detected as rootkit”.