Author Topic: Problem with CIS  (Read 2775 times)
APACHE
Comodo Family Member
***
Offline Offline

Posts: 94


« on: March 31, 2010, 05:55:27 PM »

Can you at Comodo tell me why after downloading a known malicious file to test in CIS sandbox and after running the file I found 5 infestations on the computer with Malwarebytes?  The computer was clean at the start of this test. The file was run in the sandbox as untrusted.

CIS AV did not detect this as malware

The file was;
 File Vizualizacao_Fotos.scr received on 2010.03.31 22:33:11 (UTC)
http://www.virustotal.com/analisis/56535fd606851603c0504403a2af5ca8294a5e81133b664ec53f57089ed60526-1270074791

CIMA Results
http://camas.comodo.com/cgi-bin/submit?file=56535fd606851603c0504403a2af5ca8294a5e81133b664ec53f57089ed60526


CIS Version 4.0.138377.779
OS Windows 7

I still have a copy of the Vizualizacao_Fotos.scr file if needed.

APACHE


« Last Edit: March 31, 2010, 06:36:41 PM by APACHE » Logged
Chiron
Global Moderator
Comodo's Hero
*****
Offline Offline

Posts: 5589



« Reply #1 on: March 31, 2010, 08:12:52 PM »

The sandbox currently incorporated in CIS is not yet bulletproof. Currently it will allow a program to drop files outside of the sandbox.

These files, however, are sandboxed if they try to run.
« Last Edit: June 03, 2010, 10:35:12 PM by Chiron » Logged

APACHE
Comodo Family Member
***
Offline Offline

Posts: 94


« Reply #2 on: March 31, 2010, 08:34:13 PM »

The sandbox currently incorporated in CIS is not yet bulletproof. Currently it will allow a program to drop files outside of the sandbox. Please see the guide in the bottom of my reply for more information about how the sandbox works.

I have used other sandbox apps before and usually you don't have this kind of issue. The untrusted file or app is run in the sandbox to keep it from infesting the rest of the PC if it turns out to be malicious.  If malicious then it can be removed without any harm to the computer.

APACHE
« Last Edit: March 31, 2010, 08:36:17 PM by APACHE » Logged
Chiron
Global Moderator
Comodo's Hero
*****
Offline Offline

Posts: 5589



« Reply #3 on: March 31, 2010, 09:23:36 PM »

I believe that this is what they are aiming for (I hope); however, it's not quite there yet. Perhaps this is the reason the update to V4 hasn't been pushed to the V3 users as of yet. Personally, the Sandbox feature in V4 feels very much like a Beta to me.

Until the sandbox issue is solved I'd stick to using Sandboxie or Returnil.
Logged

APACHE
Comodo Family Member
***
Offline Offline

Posts: 94


« Reply #4 on: March 31, 2010, 09:38:39 PM »

I believe that this is what they are aiming for (I hope); however, it's not quite there yet. Perhaps this is the reason the update to V4 hasn't been pushed to the V3 users as of yet. Personally, the Sandbox feature in V4 feels very much like a Beta to me.

Until the sandbox issue is solved I'd stick to using Sandboxie or Returnil.

I've got a copy of v3 & v4 and just reinstalled v3 back on this PC. v4 still seems to be a little too buggy.
I can run my malicious file test on the other computer with the VMWare. Tip: if you're not very careful with Returnil, it will cause blue screen events on Windows 7.

Thanks
APACHE
Logged