Hi
Before you start reading, you should view these links:
http://www.securelist.com/en/descriptions/old313444
Maybe you have heard about this virus?
It’s a very, very dangerous and ‘annoying’ (huh) virus.
It codes all your files (pics, music, docs and others) with a very strong algorithm, so you can never get those files back.
There are 2 versions of this virus:
- Old one, detected by CIS (I’ve got this sample),
- New one, which is probably also detected by CIS, but
So, what?
As you can see, in the future there can be new versions of GPCode.
When it has infected your system, all your important files are lost.
CIS should (has to) be able to prevent this horrible procedure.
Because now it doesn’t; I made a test a few days ago.
With this configuration:
http://img718.imageshack.us/img718/760/comodo.png
(paranoid mode, proactive security, sandbox set to untrusted) GPCode got into the system and destroyed (coded) all files. This simulation shows that you can lose all your files when CIS AV doesn’t detect this (e.g. a new version of the virus, or another virus which codes your files).
I also tested Online Armor, and it passed the test: GPCode couldn’t get the list of files, so… it couldn’t code anything. It’s great that OA can prevent the destruction of your data, and I hope that you will fix it. For example (like OA), Comodo should give an alert when something wants to get the list of files, shouldn’t it? Like OA does.
Or if you have a better solution, I hope you add it to CIS.
http://img89.imageshack.us/img89/2024/35372966.png
http://img267.imageshack.us/img267/4032/85530082.png
Uff… sorry for my chaotic language and mistakes; I hope that you will understand.
P.S. To Comodo staff: if you want a sample of this virus, I’ve got the old one.
BTW I posted about this problem on the MRG board, and sent a PM to umesh ;).