* Home Help Search Login Register  

Welcome, Guest. Please login or register.
December 29, 2009, 01:10:36 AM

Login with username, password and session length

345889 Posts
38195 Topics
86766 Members
Latest Member: jazzman56

more news...
Search:     Advanced search | Tag Cloud
+  Welcome to the Comodo Forum
|-+  Desktop Security Products
| |-+  Comodo Internet Security - CIS
| | |-+  Leak Testing/Attacks/Vulnerability Research
| | | |-+  a virus that might pass COMODO d+		 « previous next »
Pages: [1] Go Down Print
Author Topic: a virus that might pass COMODO d+  (Read 1230 times)
a256886572008
Newbie
*
Offline Offline

Posts: 19
« on: October 31, 2009, 09:04:40 AM »
COMODO Firewall 3.12.111745.560

1.I execute a virus

2.COMODO diplay an alert"wscript.exe is doing something."

3.I choose "limited applications", and click OK.

4.My disks of C & D become.......
Logged
OmeletParty
Good gamer, Omelet Chef, Rogue AV hater!
Global Moderator
Comodo's Hero
*****
Offline Offline

Posts: 1695


The only thing i ask for are eggs.


WWW
« Reply #1 on: October 31, 2009, 02:35:26 PM »
What configuration was CIS using?


Also PM me a link to the malware.
Logged
Happy New Year and Holidays
Please follow forum policy. Thank you.
OmeletParty
Good gamer, Omelet Chef, Rogue AV hater!
Global Moderator
Comodo's Hero
*****
Offline Offline

Posts: 1695


The only thing i ask for are eggs.


WWW
« Reply #2 on: November 01, 2009, 01:13:35 PM »
It seems to get passed CIS on Internet Security Mode, if you use Proactive your ok.

FYI, wscript.exe is used to run this file.

Will send PM's to the correct people, but i belive this is a known bug, that will be fixed in v4.
Logged
Happy New Year and Holidays
Please follow forum policy. Thank you.
Creasy
Product Translator
Comodo's Hero
*****
Offline Offline

Posts: 798


I'm watching you.
« Reply #3 on: November 01, 2009, 01:43:23 PM »
Quote from: a256886572008 on October 31, 2009, 09:04:40 AM
COMODO Firewall 3.12.111745.560

1.I execute a virus

2.COMODO diplay an alert"wscript.exe is doing something."

3.I choose "limited applications", and click OK.

4.My disks of C & D become.......








That's USB autorun virus.
Use various antivirus tool to take care of it.
(you can find manual instruction on internet. you need to find it, because there are
various types of autorun virus)
You may not 100% treat it.......

I recommend you, recover your Windows with Windows recovery function.
« Last Edit: November 01, 2009, 01:48:53 PM by Creasy » Logged
Wrong messages are dangerous, but wrong interpretation of correct messages is even more dangerous.-Andre Kostolany-
I'm a MAN!!
I'm not a girl!
OmeletParty
Good gamer, Omelet Chef, Rogue AV hater!
Global Moderator
Comodo's Hero
*****
Offline Offline

Posts: 1695


The only thing i ask for are eggs.


WWW
« Reply #4 on: November 02, 2009, 07:57:00 PM »
I have sent the malware to Umesh.
Logged
Happy New Year and Holidays
Please follow forum policy. Thank you.
SS26
Comodo's Hero
*****
Offline Offline

Posts: 1500
« Reply #5 on: November 03, 2009, 03:59:43 PM »
Quote from: OmeletGuy on November 02, 2009, 07:57:00 PM
I have sent the malware to Umesh.
Can you be so kind to send it to me also?.... Or tell a place where i get it?
Logged
OmeletParty
Good gamer, Omelet Chef, Rogue AV hater!
Global Moderator
Comodo's Hero
*****
Offline Offline

Posts: 1695


The only thing i ask for are eggs.


WWW
« Reply #6 on: November 03, 2009, 04:06:19 PM »
Quote from: SS26 on November 03, 2009, 03:59:43 PM
Can you be so kind to send it to me also?.... Or tell a place where i get it?

Your not in Malware Research Group... so no..

But i can say its a vbs script.
Logged
Happy New Year and Holidays
Please follow forum policy. Thank you.
LaserWraith
Usability Study Member
Comodo's Hero
*****
Offline Offline

Posts: 3271


I keep the future under my bed.


WWW
« Reply #7 on: November 03, 2009, 04:11:36 PM »
Quote from: OmeletGuy on November 03, 2009, 04:06:19 PM
Your not in Malware Research Group... so no..

But i can say its a vbs script.

Mr. Omelet...I'm in the MRG so could I have it?

Anyway I thought it was ok to PM malware, as long as you know the person could handle it (I think SS26 can) and is isn't public.
Logged
In peace sons bury fathers; in war fathers bury sons.

Visit my site!

Some of my articles - click for blog page.
OmeletParty
Good gamer, Omelet Chef, Rogue AV hater!
Global Moderator
Comodo's Hero
*****
Offline Offline

Posts: 1695


The only thing i ask for are eggs.


WWW
« Reply #8 on: November 03, 2009, 04:12:38 PM »
Will PM both of you...
Logged
Happy New Year and Holidays
Please follow forum policy. Thank you.
evil_religion
Malware Research Group
Comodo's Hero
*****
Offline Offline

Posts: 341
« Reply #9 on: November 03, 2009, 04:23:37 PM »
Quote from: OmeletGuy on November 03, 2009, 04:06:19 PM
But i can say its a vbs script.
Btw: It would be good if CIS 4 will treat VBS scripts as own programs so that it can monitor actions done by them.
Logged
SS26
Comodo's Hero
*****
Offline Offline

Posts: 1500
« Reply #10 on: November 03, 2009, 04:28:00 PM »
Quote from: LaserWraith on November 03, 2009, 04:11:36 PM
Anyway I thought it was ok to PM malware, as long as you know the person could handle it (I think SS26 can) and is isn't public.
Thanks  Thumb Up  ....appreciated  Cool

Quote from: OmeletGuy on November 03, 2009, 04:12:38 PM
Will PM both of you...
Received. Thanks.
Logged
LaserWraith
Usability Study Member
Comodo's Hero
*****
Offline Offline

Posts: 3271


I keep the future under my bed.


WWW
« Reply #11 on: November 03, 2009, 04:31:11 PM »
Quote from: SS26 on November 03, 2009, 04:28:00 PM
Thanks  Thumb Up  ....appreciated  Cool
Received. Thanks.

Now you have to pay me.

 Cheesy Cheesy Cheesy

Kidding, of course.  Tongue
Logged
In peace sons bury fathers; in war fathers bury sons.

Visit my site!

Some of my articles - click for blog page.
Tags:
Pages: [1] Go Up Print 
« previous next »
Jump to:  

SSL Certificate Free Virus Removal Firewall
Page created in 0.045 seconds with 19 queries.
Powered by SMF 1.1.11 | SMF © 2006, Simple Machines LLC
Seo4Smf v0.2 © Webmaster's Talks 		Design by 7dana.com