Author Topic: CPF PASSED Zapass Trojan Test  (Read 7182 times)

Offline rki

  • Comodo Family Member
  • ***
  • Posts: 89
  • Rootcontest.com
    • RootContest - Home of Elite Wargames
CPF PASSED Zapass Trojan Test
« on: September 16, 2006, 07:35:41 PM »
Greetings,

Source 1
Source 2

From Ian "Gizmo" Richards
Editor
Support Alert Newsletter
http://www.techsupportalert.com
****************************
Quote
""Can the Security Product Detect Process Injection?""

I used the ZapAss test program that injects an implant into a running process and then downloads a file using that process.

None of the security  products tested  warned of the process injection. Simple as that.  Better get out your IDS  program ;>)

rki: I'd reply by saying....You should have included COMODO Personal Firewall onto your test and see what happens!

--Furthermore..............
And another quote from The Whirly Wiry Web team(Source 2)
Quote
Masquerades vs Implants
ZoneAlarm is rightfully considered the best software firewall available, using advanced techniques to identify applications that request access to the Internet. ZoneAlarm was initially the only firewall that successfully withstood Steve Gibson's LeakTest 1, a test trojan that masquerades as a trusted application.

rki: No, ofcourse, CPF also Passed with flying colours!



Now, you may all be wondering what I'm I talking about?

-"It's all about the zapass trojan test" - Zapass is a harmless test trojan that can inject an implant in whatever process running, including Internet Explorer, Netscape Navigator, Opera, Outlook or even Notepad! .
Yes it is HARMLESS because I've tested it SEVERAL TIMES


My Results with CPF+zapass!!!
- I tried injecting CTF Loader with the zapass trojan and CPF pops out with a message "zapass.exe has modified ctfmon.exe in memory. This is a typical of virus.Trojan and spyware behaviour" Injection Failed.

- Tried Injecting mIRC & MSN messenger

- Issue download - Failed

- Issue Lifecheck - Failed

- Screen shot attached below

- Description: application Access Denied (ctfmon.exe: 127.0.0.1:8080)
  Application: C:\WINDOWS\system32\ctfmon.exe
  Parent: C:\WINDOWS\explorer.exe
  Protocol: TCP Out
  Destination: 127.0.0.1:8080

Now, has you've seen CPF has an advanced techniques in identifing and noticing applications that request any Outgoing access to the Internet. CPF has no compitetors when it comes to the question of "what's the Best Firewall today", there's just no firewall that comes 2nd to CPF and I hereby request for all we the users to give a special thanks to the COMODO TEAM starting from the CEO(Melih) down to its Developers and Admins/Mods for putting down such a GREAT/FREE Products OUT.

NB: The mods are allowed to edit my post to suite their needs in any form they may want to change/add to it !



Thanks,
rki.

[attachment deleted by admin]
« Last Edit: September 16, 2006, 07:52:26 PM by rki »


RootContest.com - Home of Elite Wargames.

Offline rki

  • Comodo Family Member
  • ***
  • Posts: 89
  • Rootcontest.com
    • RootContest - Home of Elite Wargames
Re: CPF PASSED Zapass Trojan Test
« Reply #1 on: September 16, 2006, 07:38:06 PM »
Greetings,

Here's mine: Thanks to the COMODO's TEAM





Thanks,
rki.


RootContest.com - Home of Elite Wargames.

Offline Melih

  • CEO - Comodo
  • Administrator
  • Comodo's Hero
  • *****
  • Posts: 14692
    • Video Blog
Re: CPF PASSED Zapass Trojan Test
« Reply #2 on: September 17, 2006, 09:46:52 PM »
can you pls email Ian the Gizmo!

Obviously he does not know about CPF and is a guy who should be aware of CPF so that he can inform his users.

Lets all get in touch with him.
thanks
Melih

Offline Nikos

  • Comodo Loves me
  • ****
  • Posts: 153
Re: CPF PASSED Zapass Trojan Test
« Reply #3 on: September 18, 2006, 12:36:59 AM »
Thanks to the COMODO's TEAM for such Great Products and thorough Help Support!
Keep upthe Good work!

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek