Author Topic: Please report any malware that can bypass CCAV !  (Read 5348 times)

Offline akazanci

  • Newbie
  • *
  • Posts: 5
Re: Please report any malware that can bypass CCAV !
« Reply #15 on: December 31, 2016, 03:03:13 PM »
Hi, I am a new member and using the CCAV for 3 months. I just want to give a little help as I could.
I am a teacher. We use a lot of usb disks eachother and ve have got so many trojans and malwares on the disks.

I was using 360 total sec. and CCAV could not find some files that 360 Total could.
I do not want to compare... Just want to improve my  CCAV.
I dont know how I can show these to you...May be the name:
For example :  Gen:Variant.Coantor.28

I scanned two times but he newer find a problem.
If you ask me something I will be happy.

Offline Graham1

  • Comodo's Hero
  • *****
  • Posts: 1890
Re: Please report any malware that can bypass CCAV !
« Reply #16 on: December 31, 2016, 03:33:28 PM »
May I ask how would we know if the file was malware? The way I see it (please correct me if I'm wrong) but if CCAV was unaware of a file (which could be legit) it would automatically get sandboxed. If a file was malware and was somehow allowed to run (say, trusted by user) CCAV wouldn't alert us unless cloud detection (antivirus) said otherwise. In this scenario, it is likely the infected file would be going about it's business without the user even knowing.

I think it would be useful to show a flow diagram how files (trusted/untrusted) are processed within CCAV and CIS showing the strengths and weaknesses of each.

:)
« Last Edit: December 31, 2016, 03:49:30 PM by Graham1 »
Ubuntu 20.04 LTS | Chromium | uBlock Origin | Privacy Badger | HTTPS Everywhere
https://www.thevenusproject.com | Beyond Politics Poverty and War

Offline akazanci

  • Newbie
  • *
  • Posts: 5
Re: Please report any malware that can bypass CCAV !
« Reply #17 on: December 31, 2016, 05:55:47 PM »
Here is the Malware detection problem:

Offline yigido

  • Malware Research Group
  • Comodo's Hero
  • *****
  • Posts: 6077
Re: Please report any malware that can bypass CCAV !
« Reply #18 on: December 31, 2016, 06:19:58 PM »
Dear Kazancı,

Can you please recover the file from 360 Security's quarantine and upload it to Virustotal. https://www.virustotal.com/tr/
I think your USB drive infected via worm virus, which shown as "shortcuts" in your drive with the same name of your files.

By the way, we have Turkish section on Comodo, if you believe you can explain yourself better in Turkish. Please open a new topic
https://forums.comodo.com/turkce-turkish-b31.0/
I am also another Turkish user of Comodo.

This section of forum must be in English, and your issue is not a by-pass of CCAV. It is just lack of signature to detect that malware.
Please open a new thread and explain in Turkish, even [at]SARTEK will assist you via remote control.  ;)

Offline Melih

  • CEO - Comodo
  • Administrator
  • Comodo's Hero
  • *****
  • Posts: 14692
    • Video Blog
Re: Please report any malware that can bypass CCAV !
« Reply #19 on: January 01, 2017, 04:42:09 PM »
Here is the Malware detection problem:

Bypassing: Jumping out of our Containment
Detection: detecting malware or not.

two different things...

Offline akazanci

  • Newbie
  • *
  • Posts: 5
Re: Please report any malware that can bypass CCAV !
« Reply #20 on: January 02, 2017, 03:46:53 PM »

By the way, we have Turkish section on Comodo, if you believe you can explain yourself better in Turkish. Please open a new topic
https://forums.comodo.com/turkce-turkish-b31.0/


This section of forum must be in English, and your issue is not a by-pass of CCAV. It is just lack of signature to detect that malware.
Please open a new thread and explain in Turkish, even [at]SARTEK will assist you via remote control.  ;)

[/b]

Thank you for your advice. You are a very positive man. I opened a new topic. Really thanks.   (CNY)


Bypassing: Jumping out of our Containment
Detection: detecting malware or not.

two different things...
[/b]

Dear Melih, I used to think that "by-pass" would be jump of a bandit from the wall instead of the fortress gate, unaware of the castle guardians, ;)  So, thank you for your logical teaching using just a little sentences.   (CNY)

Offline BuketB

  • Comodo's Hero
  • *****
  • Posts: 898
Re: Please report any malware that can bypass CCAV !
« Reply #21 on: January 03, 2017, 08:32:51 AM »
Hi akazancı,

Detection for the sample you shared has been added in the blacklisting of our signature database. It will be available by version No DB 26391.

For your information

Kind Regards
Buket 



Thank you for your advice. You are a very positive man. I opened a new topic. Really thanks.   (CNY)




Dear Melih, I used to think that "by-pass" would be jump of a bandit from the wall instead of the fortress gate, unaware of the castle guardians, ;)  So, thank you for your logical teaching using just a little sentences.   (CNY)

Offline Jon79

  • Comodo's Hero
  • *****
  • Posts: 1123
Re: Please report any malware that can bypass CCAV !
« Reply #22 on: January 23, 2017, 03:57:50 AM »

Offline Umesh

  • Comodo Alumni
  • Comodo's Hero
  • *****
  • Posts: 3421
  • Comodo Alumni
    • COMODO
We can't stop malware entering user's PC but we render them use-less when they enter PC: Welcome to Comodo's Default Deny innovation

Offline Jon79

  • Comodo's Hero
  • *****
  • Posts: 1123
Re: Please report any malware that can bypass CCAV !
« Reply #24 on: January 26, 2017, 05:24:50 AM »
Good job  :-TU

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek