Never said that Comodo was the only one that would detect itseeing that it was detected by viruscope making detection by others very likely.
Harmony blocked a part of War thunder update yesterday and marked a file as malware with confidence of high.
. First time it started doing that. So whatever update they did recently upped their sensitivity. 
You’ll need to open a service request here and report your findings.Harmony blocked a part of War thunder update yesterday and marked a file as malware with confidence of high.
It also blocked sniper elite 5 as malware with high confidence; that I understand do to Denuvo encryption/ copy protection which is basically a rootkit. Just fyi that whatever update it got. It became more zealous. Lots hope it doesn't go CrowdStrike on us.
The malware distribution method must always be taken into account. Majority of malware does not just come like that, out of the blue. It needs to be downloaded or saved from an email. Very few malware families possess automatic spreading mechanisms (such as the Dinihou worm that used to replace files on flash drive with malicious shortcut to these files and installed NJRAT).
Will do but honestly been gaming up with it for the past 1.5 years and this is basically the first time it detected two legit game files (I double checked them and they were all signed by respective companies). In the past it picked up a trainer or a memory value scanner which was totally understandable since neither one of those files were signed and the functions they performed (patch memory of another process) are part of the MiTRE attack framework.
I've set an alarm, tied a string around my finger, and even hired my girlfriend, just to make sure I don't miss a single episode of this new Comodo season - it's pure gold!
Thank you for the exclusive access, @Lynx! 
I see a lot of tension and love here. Am I still on MalwareTips?I've set an alarm, tied a string around my finger, and even hired my girlfriend, just to make sure I don't miss a single episode of this new Comodo season - it's pure gold!
They are the true winners because end of the day, they’ve invested in R&D, they’ve established what’s hot on the market, they’ve developed it and paid to market it. They then extract sweet profits out of it and couldn’t care less who will be proclaimed a winner and where.
They created it with their bare hands... "COMODO!"
The birth of Comodo marked the beginning of an epic clash between the forces of good and evil - a clash as legendary as the creation itself! Comodo Firewall will run it in containment. The firewall alert will depend on your settings. According to @cruelsister and some users in different discussions, her suggested "restricted" setting prevents network connections. However, I haven't tested it, and the help files don't mention it.
It's all well and good but what if svchost.exe doesn't want to be injected by wuaclt.exe? I mean fine you both live in the same environment but did wuaclt.exe buy svchost.exe dinner first?!!! You can't just willy nilly go around and injecting yourself into strange processes without their consent that just plain rude!
CyberLock does not rely on digital signatures, rather it uses digital signatures for file insight to provide to the end-user. CyberLock would easily block this attack.
The malware has invalid digital signatures.
This comment has... a love letter and a breakup note rolled into one!
If you are willing to sacrifice some time and effort and if you want a reasonable secure system this thing would be the best bet out there for a non corporate user to have in their disposal.
I see a lot of tension and love here. Am I still on MalwareTips?
yes I "tested" this file (see other thread) with Harmony in win10_vm also running CL, and CL stopped the attack (or that's what it looked like to me)
