Author Topic: Anti-virus failure  (Read 784 times)

Offline Lilypad

  • Comodo Family Member
  • ***
  • Posts: 75
Anti-virus failure
« on: October 19, 2016, 10:54:48 AM »
I have a friend who has been infected with the "Your Computer Has Been Blocked" scam and CIS failed to protect the computer. When he first saw it, he rebooted and did a scan but it still didn't find anything. It pops up every couple of days. Since CIS doesn't see it, what's the best way to remove this? (Win 10 OS)

Offline EricJH

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 23810
Re: Anti-virus failure
« Reply #1 on: October 19, 2016, 02:54:12 PM »
Try scanning with Hitman Pro, Malwarebytes Antimalware and Super Antispyware and see if they can remove it.

A quick search brings up this tutorial: https://malwaretips.com/blogs/your-computer-has-been-blocked-virus/ among others.

Offline Lilypad

  • Comodo Family Member
  • ***
  • Posts: 75
Re: Anti-virus failure
« Reply #2 on: October 19, 2016, 07:56:45 PM »
There are a lot of solutions through Google; I was hoping Comodo had a solution. I'm a little disappointed with the anti-virus side of CIS. Another friend was hit with the FBI one and CIS missed that too. Maybe it's time to recommend a different anti-virus software.

Thanks for your feedback, Eric.

Offline windstorm

  • Star Group
  • Comodo's Hero
  • *****
  • Posts: 3630
Re: Anti-virus failure
« Reply #3 on: October 19, 2016, 08:21:45 PM »
Hey,


I'm just wondering if you used KillSwitch (aka "Watch Activity" task) & Autorun Analyzer, Quick Repair (from "Tools" menu)?
Additionally, you could check for suspicious files that were marked as trusted, possibly files that are incorrectly detected as safe.

Optionally, try a different configuration.

Offline EricJH

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 23810
Re: Anti-virus failure
« Reply #4 on: October 19, 2016, 10:38:05 PM »
The AV of CIS has limited removal capabilities. Comodo's focus is on prevention more than detection and removal. Detection of CIS is in the mid range with various others. No scanner is able to keep up with the big amount of malware that sees the light on a daily basis. Hence why prevention is so important.

I don't know how the malware circumvented the sandbox though.

Offline Lilypad

  • Comodo Family Member
  • ***
  • Posts: 75
Re: Anti-virus failure
« Reply #5 on: October 21, 2016, 01:45:54 PM »
I realize that Comodo is focused on prevention and that's why I recommended it in the first place. His Asus is brand new and I showed him where to download CIS when the computer was fired up for the first time. I understand that no anti-virus software can keep up with the thousands of viruses that are released each month. However, this particular virus has been around for a long time and it never should have been an issue. This is why I'm disappointed with CIS and the fact they don't have tools to clean up the mess when it does happen.

With that said, HIPS did work somewhat against the virus because his computer was not blocked from getting access to the Internet like the virus message said.

I had him do a system restore and scan with Malwarebytes and his system is clean now.

Offline EricJH

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 23810
Re: Anti-virus failure
« Reply #6 on: October 22, 2016, 10:50:23 AM »
Part of reality is that some of the malware stays under the radar of detection of AV programs for a while. I can't make it any more beautiful :-\

It's a good practice to scan your computer weekly, or when suspicion is there, with quick scans from others as well. I scan every couple of weeks with Hitman Pro, Malwarebytes Antimalware, Super Antispyware and TDSS Killer. I'm pretty of what I install so no surprises when scanning. Some people also use Zemana Antimalware Free but its driver seems to interfere with my system's performance so I'm not using it (haven't given it another try yet).

Please advise your friends to do weekly on-demand scans with the mentioned scanners.

 
