Author Topic: [CTM 2.8 tested]Light virtualization software / Partial sandbox test  (Read 45488 times)

Offline Tech

  • Usability Study Member
  • Comodo's Hero
  • *****
  • Posts: 3027
I'm going to use Paragon Backup & Recovery Free Edition.
Well... I use partition backup, but this is not the same as a system restore (snapshot) tool.
Also, it does not protect against viruses if you have an infected backup.
avast! team member
Save freeware snapshot technology of Comodo Time Machine. Vote!

Offline doskey

  • Comodo Loves me
  • ****
  • Posts: 123
Hi guys.
Thanks for your good work.
Please relax. This is not a big deal. We can detect/defend against such a rootkit simply.
We will add the feature to CTM in the next version.

Thanks,
Doskey.

Offline dax123

  • Comodo Loves me
  • ****
  • Posts: 160
  • Big Clucker
> Hi guys.
> Thanks for your good work.
> Please relax. This is not a big deal. We can detect/defend against such a rootkit simply.
> We will add the feature to CTM in the next version.
>
> Thanks,
> Doskey.

Thanks!!  ;D Nobody responded like this  ;D
:)

Offline Tech

  • Usability Study Member
  • Comodo's Hero
  • *****
  • Posts: 3027
> Please relax. This is not a big deal. We can detect/defend against such a rootkit simply.
> We will add the feature to CTM in the next version.

Thanks Doskey. As this is a problem with all snapshot/virtualization software, if you correct it, it won't be bad for the image of the Comodo development team. We'll be proud of you.
Hope dax123 tests the new beta version.

Offline Buster_BSA

  • Newbie
  • *
  • Posts: 4
I hope the fix is generic and not just a "hardcoded" solution specifically targeted to SafeSys and TDSS.

Offline acuariano

  • Newbie
  • *
  • Posts: 8
Did it pass products like Malware Defender 2.71?

Offline aigle

  • Comodo's Hero
  • *****
  • Posts: 716
Hi Dax123, very nice work indeed. Thanks for that.

When you are going to complete the tests:

- TDSS2 versus virtualization software and
- Safesys/ TDSS! & 2 versus Sandboxes

I think there is also TDL3? Am I right?

Thanks again

Offline Greg S

  • Comodo Family Member
  • ***
  • Posts: 89
> Hi Dax123, very nice work indeed. Thanks for that.
>
> When you are going to complete the tests:
>
> - TDSS2 versus virtualization software and
> - Safesys/ TDSS! & 2 versus Sandboxes
>
> I think there is also TDL3? Am I right?
>
> Thanks again

Interested in this myself. The second tier of apps appears to be untested unless I'm misreading the results.

Offline ssj100

  • Comodo's Hero
  • *****
  • Posts: 482
Sandboxie + LUA + SRP + DEP + SuRun
Windows Firewall + NAT Router + IPSec (on-demand)
VirtualBox (on-demand)
Drive SnapShot (on-demand)

Offline Greg S

  • Comodo Family Member
  • ***
  • Posts: 89
> I think he's busy setting up his new "testing environment"?
>
> http://ssj100.fullsubject.com/shadow-defender-f3/light-virtualization-software-partial-sandbox-test-t166.htm#1236

Ah, we have the same info there. I'd much rather read it on your forum. I've mentioned here before, the mechanics of this forum is extremely slow. Just typing this in takes about two minutes. Also if there's enough text in the reply box to warrant scroll bars, I can forget it. I end up typing blind because what I type appears below the reply box where I can't see it.

Offline Buster_BSA

  • Newbie
  • *
  • Posts: 4
Any idea when a new version patching this vulnerability will be released?

Offline dax123

  • Comodo Loves me
  • ****
  • Posts: 160
  • Big Clucker
> Any idea when a new version patching this vulnerability will be released?

CTM is now updated to 2.8
I'm going to check it.
 
:)

Offline Tech

  • Usability Study Member
  • Comodo's Hero
  • *****
  • Posts: 3027
Many thanks dax123.

Offline dax123

  • Comodo Loves me
  • ****
  • Posts: 160
  • Big Clucker
> Many thanks dax123.

pleasure  ;D

PS: a Quick Test, with XP mode VPC, SafeSys triggered 0x50 STOP bugcheck.
After reboot, the system is not infected
and again: TDSS triggered 0x50 bugcheck, it seems that COMODO implemented a general protection.
I'm doing a further test to confirm this
« Last Edit: July 27, 2010, 02:59:27 PM by dax123 »
:)

Offline dax123

  • Comodo Loves me
  • ****
  • Posts: 160
  • Big Clucker
> pleasure  ;D
>
> PS: a Quick Test, with XP mode VPC, SafeSys triggered 0x50 STOP bugcheck.
> After reboot, the system is not infected
> and again: TDSS triggered 0x50 bugcheck, it seems that COMODO implemented a general protection.
> I'm doing a further test to confirm this

CTM could not protect the MBR.
After executing WYH Disk Killer, system's removed permanently.
I think we might need security software, because CTM can't deal with the MBR alone.

After a second attempt, Comodo restored the system successfully. System is safe against WYH Disk Killer.

WYH Disk Killer: safe
Ghost's shadow: safe, but after a rollback, CTM uninstalls itself.
SysAnti: INFECTED!!!!!!

« Last Edit: July 27, 2010, 05:02:37 PM by dax123 »
:)
