Author Topic: Antivirus protection weak in tests Ransomware (Protects only 3 of 10 tests)  (Read 616 times)

Offline Felipe2014

  • Newbie
  • *
  • Posts: 11
Good Morning,

The most dangerous plague of recent times is ransomware.
HIP / Sandbox completely blocks, but the antivirus does not detect.

Protects only 2 of 10 testicles

Follow the link of the test tool (It is not virus)
KnowSe4 RanSim (https://www.knowbe4.com/ransomware-simulator)

I'm waiting for this tool to be improved

Thank you
« Last Edit: March 03, 2017, 07:09:27 AM by Felipe2014 »

Offline Ionel

  • Comodo Staff
  • Comodo's Hero
  • *****
  • Posts: 2512
Re: but the antivirus does not detect KnowSe4
« Reply #1 on: February 08, 2017, 07:23:22 AM »
Hi Felipe2014,

The reported application is a test tool and there is no need to detect it. It's a legitimate application designed for testing purposes only, it does not harm the user, it takes no malicious actions.

Regards,
Ionel

Offline Felipe2014

  • Newbie
  • *
  • Posts: 11
Re: but the antivirus does not detect KnowSe4
« Reply #2 on: February 08, 2017, 10:50:38 AM »
Hello,

I know that this does not affect the system, but it does 10 tests, the antivirus software only blocks 2 tests.
Another antivirus vendor blocks all 10 tests.

In order to improve the antivirus product of the comodo, it should block the 10 tests.

Is it possible to improve?

Thank you

Offline Felipe2014

  • Newbie
  • *
  • Posts: 11
Dear,

I did a new test and the antivirus did not block the vunarabilidad.
Blocking the test software is the easiest way.

Protects only 3 of 10 tests

Is not the comodo going to work to correct the vunarabilities?

Thank you
« Last Edit: March 03, 2017, 07:09:08 AM by Felipe2014 »

Offline wasgij6

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 5496
Dear,

I did a new test and the antivirus did not block the vunarabilidad.
Blocking the test software is the easiest way.

Protects only 3 of 10 tests

Is not the comodo going to work to correct the vunarabilities?

Thank you

This part of the forum is only for submitting false positives and undetected malware. If you have found a vulnerability then i suggest reporting it in the bug section using the required bug format.
| Win 10 Pro (x64) | UAC Disabled | CCAV | Intel i7 4770k | Asus Maximus VI Formula Mobo | Asus GeForce GTX 780 | G.Skill TridentX 32gb RAM | Samsung 850 Pro SSD |

Offline Melih

  • CEO - Comodo
  • Administrator
  • Comodo's Hero
  • *****
  • Posts: 14588
    • Video Blog
Dear,

I did a new test and the antivirus did not block the vunarabilidad.
Blocking the test software is the easiest way.

Protects only 3 of 10 tests

Is not the comodo going to work to correct the vunarabilities?

Thank you

:) Lets start from the top.....it says we are vulnerable to InsideCryptor......
what does it do?...it encrypts files and overwrites the original file...

How will it do it while running inside containment?

of course it can't....so we are not vulnerable.....

LockyVariant.....same...
Mover......same....
Replacer.....same...
Streamer.....same...
ThorVariant.....same...
WeakCryptor....same....

I hope you realize while running in containment you cannot modify the original file...which means all of the above fails!

 

Seo4Smf 2.0 © SmfMod.Com Smf Destek