File rating

[sinu]

I want know what happens if a unsigned undetected malware is rated as safe by file rating in comodo?

 

[jamescv7]

Well with proper configuration if the file rating cause to bypass and rate Safe then it should monitor by BB/HIPS for the detection that cause to be suspicious and since its unsigned then that should be the first observation by Comodo's function.

Or you may test to run via Comodo Autosandbox to observe any changes happen to the system.

 

[Malware1]

Report it here:
https://forums.comodo.com/av-false-...ware-here-2015-no-live-malware-t109000.0.html

 

[yigido]

I want know what happens if a unsigned undetected malware is rated as safe by file rating in comodo?

It is a rare issue, and also there are very few "trusted adware vendor" in trusted vendor list (TVL).
I reported it but still they did not remove them!!
Enable Viruscope for unsandboxed processes too. If the malicious file checked safe, then It won't be sandboxed so Viruscope will look into it.
On the other hand, Viruscope is not powerfull at all. (@BuketB )
If you have this kind of sample (congrats you found it!) please report it to here

Report it here:
https://forums.comodo.com/av-false-...ware-here-2015-no-live-malware-t109000.0.html

Thanks

 

[Atlas147]

I could be wrong but I think you can send a file for analysis too in the comodo UI itself, although if my memory serves me, the analysis tool might have been broken a long time ago and nobody fixed it.

 

[hjlbx]

I could be wrong but I think you can send a file for analysis too in the comodo UI itself, although if my memory serves me, the analysis tool might have been broken a long time ago and nobody fixed it.

It has been fixed since version 8.0

 

[hjlbx]

Comodo cloud is fairly good about eliminating adware. File verdicts are slow because Comodo relies upon old school manual verdicts.

It is best practice to use PhrozenSoft VT uploader or VT Uploader itself... just a second look to make sure.