CCE Review on YouTube

Take look at Matt’s video review of CCE:

He reinforces the need for a bootable CD with CCE (posted many times in the wishlist). CCE seemed to have performed well.

Whoop

after 20 emails with leader of cce team i can say that new ver will have force breach mode and something else which is my idea ;>

thats really good to hear.
when are we supposed to get this new version

any hints on the “something else” which is your idea

let’s say that is ‘network connection restoring’. new ver? its very close.

He removed it.

Wonder why?

hmm, maybe he found out that the results are technically impossible to achieve ;D
just kidding of course … !
what were the results anyway ?

He infected a windows 7 machine with a few malware samples (not sure which ones) and the infection blocked his internet connection. He copied CCE onto the compter and ran a scan. CCE cleaned the computer. After reboot, MBAM scan was completely clean, and his internet connection was working again.

He complained that the download link for CCE does not include the latest AV updates within CCE, so if you do not have an internet connection on the infected computer, you have to download the latest definitions and manually add them to CCE (and that is a pain in the ■■■■, and is not very user friendly). He also noted that a bootable version would be most ideal. He did not review Killswitch in this video.

In general, I agree with everything he said in the video. I was glad to see CCE do well on this one test, but I would like to see how CCE does after throwing a bunch more stuff at it (especially rootkits).

I do suppose that would be a logical thing to have in reference to having it be totally up to date when downloading a fresh version, but here is another idea. I do not know if this has already been discussed somewhere but, wouldn’t it be logical (if this program was stationed on a flash drive) to have it update itself when the flash drive is plugged into a USB port. Even though your system may be infected, are you still able to access the Internet to do so after your modem and prior to your computer? I need to test that for myself.

Roger

In the video review Matt could not access the internet. period! He had to use a second clean computer to download the virus definitions and copy them over to the infected PC. CCE needs to run in as a bootable version of linux so it can be in a virus-free environment with internet access. Starting CCE in this way will also make it easier to remove rootkits since they won’t be initialized and all their cloaking techniques will be inert.

Matt posted on his You tube page:

mrizos
I’m re-doing the CCE video. It sucked, and I need to make it…right. Sorry guys.

Apparently another CCE test is coming soon. Keep an eye on Matt’s Youtube page.