Author Topic: AV 2009 (Not being Detected)  (Read 11592 times)

3xist

  • Guest
AV 2009 (Not being Detected)
« on: September 12, 2008, 09:31:57 PM »
I assume we can also send files that are NOT being Detected by CAV 3.

I zipped & submitted AV 2009 with Subject "INFECTED" and password "infected". Does CAV also detect Rogue Software? Anyway, it's off to the labs.

Josh

3xist

  • Guest
Re: AV 2009 (Not being Detected)
« Reply #1 on: September 12, 2008, 09:35:53 PM »
Here is the Report by CIMA.

Josh

[attachment deleted by admin]

Offline Melih

  • CEO - Comodo
  • Administrator
  • Comodo's Hero
  • *****
  • Posts: 14705
    • Video Blog
Re: AV 2009 (Not being Detected)
« Reply #2 on: September 12, 2008, 09:39:35 PM »
keep sending them to us pls..
thanks
Melih

3xist

  • Guest
Re: AV 2009 (Not being Detected)
« Reply #3 on: September 12, 2008, 09:41:33 PM »
keep sending them to us pls..
thanks
Melih

:)

Offline DarthTrader

  • Comodo Member
  • **
  • Posts: 44
Re: AV 2009 (Not being Detected)
« Reply #4 on: September 12, 2008, 10:25:05 PM »

Offline Ronny

  • Retired - Product Translator
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 13551
  • Retired - Volunteer Moderator
Re: AV 2009 (Not being Detected)
« Reply #5 on: September 13, 2008, 04:25:01 AM »
The "problem" is this.

If you have a rogue AV download, then if you try to install it, it looks like a normal application and you have to press buttons like Next and Finish.

BUT !! if the Malware downloader is active, it will "pre-script" it and silently install the AV.

I'm not sure if CIMA can "play user behavior" already.

Offline Melih

  • CEO - Comodo
  • Administrator
  • Comodo's Hero
  • *****
  • Posts: 14705
    • Video Blog
Re: AV 2009 (Not being Detected)
« Reply #6 on: September 13, 2008, 07:39:42 AM »
The "problem" is this.

If you have a rogue AV download, then if you try to install it, it looks like a normal application and you have to press buttons like Next and Finish.

BUT !! if the Malware downloader is active, it will "pre-script" it and silently install the AV.

I'm not sure if CIMA can "play user behavior" already.

You are 100% right, Ronny. We are working on the user behaviour simulation.

Melih

3xist

  • Guest
Re: AV 2009 (Not being Detected)
« Reply #7 on: September 13, 2008, 07:46:01 AM »
You are 100% right, Ronny. We are working on the user behaviour simulation.

Melih

So you guys can also detect Rogues with this behavior simulation? I guess part of the reason is also Heuristics, which you mentioned will be available in the coming months...

Josh

Offline Melih

  • CEO - Comodo
  • Administrator
  • Comodo's Hero
  • *****
  • Posts: 14705
    • Video Blog
Re: AV 2009 (Not being Detected)
« Reply #8 on: September 13, 2008, 07:48:16 AM »
So you guys can also detect Rogues with this behavior simulation? I guess part of the reason is also Heuristics, which you mentioned will be available in the coming months...

Josh

Yes, it will detect the tricks malware authors put in requiring user interaction. CIMA already uses heuristics, but like you said, we have even better heuristics coming soon.

Melih

3xist

  • Guest
Re: AV 2009 (Not being Detected)
« Reply #9 on: September 13, 2008, 07:50:22 AM »
Yes, it will detect the tricks malware authors put in requiring user interaction. CIMA already uses heuristics, but like you said, we have even better heuristics coming soon.

Melih

Yes I know Heuristics is in CIMA already. :)

And looking forward to it!

Josh 
