CIMA report:
http://camas.comodo.com/cgi-bin/submit?file=d274ca5984c2d3b88c2d1ace1c205b28231c07557ad728562e7dddbabf2e3691
1.double click on the malware
2.the malware is partially limited
3.the screen become blue
4.the cursor is locked by the malware
5.so, I can not click on the buttom,“Clean”
CIS sandbox can not block the action of the malware, “direct access cusor”
[attachment deleted by admin]
i dont think this is a bug it just isnt enough restrictions to stop it from giong into full screen. if you change the sandbox to higher restiction it should block it
this is already known and it should be fixed in v6. it shouldnt be able to infect the system
1.CIS can block this action when the user modifies the settings from “partially limited” to “limited”
2.and the screen does not become blue after the user double click on the malware.
defense+ report:
2011-07-10 09:11:13 C:\Documents and Settings\Roger\桌面\VIRUS\挑战系统和安全软件\挑战系统和安全软件.exe Direct Keyboard Access
Can i have this sample?
Please PM me
I tested it and Comodo sucesfully blocked malware to get control over the cursor.
The fact is that malware blocked all my screen (i was discussing about this with Egemen and Comodo won’t prevent this action due to confusion it may do).
I hope that they do something like this in the next version → https://forums.comodo.com/wishlist-cis/program-sandbox-isolation-improvement-ideas-t72688.0.html
I know it is a lot of reading. Bottom line is that anything sandboxed would be inside a window that you can control.