bypass v5.10.228257.2253 (dll malware, QQ pass)

a256886572008 · May 22, 2012, 1:13pm

I add it to the list, “always sandbox”

languy99 · May 22, 2012, 1:14pm

go to the firewall tab, firewall behavior settings and turn off “Do not show popup alerts” does it still have access while in the sandbox?

a256886572008 · May 22, 2012, 1:34pm

2.The firewall was in “safe mode”

3.So, there were no firewall alerts

languy99 · May 22, 2012, 3:39pm

that is not what I asked you to check.

a256886572008 · May 31, 2012, 4:22am

test the malware with DW:

1.DW trusts this file

“photo.exe”

2.DW untrusts another file

“MSDTCTM.dll”

3.The user double clicks on the photo.exe

4.result: DW untrusts the photo.exe