hi
- Product version: COMODO Internet Security 7.0.308911.4080 BETA
2.Operating System:windows 7 ultimate (x32) runing by VMware Player
3.Configuration: Default IS configuration - comodo can not respond to malware software
link dawolaod video
It looks like it ran as partially virtualized. Also, were you running XP or Windows 7? Good job testing this one. I finally figured out how to watch your videos. ;D
Note: If you put these videos on YouTube it might be easier. You could make them private videos so that only people with the link could watch them. Just a suggestion.
[quote author=ad18 link=topic=101742.msg738513#msg738513 date=1391725461]
It looks like it ran as partially virtualized. Also, were you running XP or Windows 7? Good job testing this one. I finally figured out how to watch your videos. ;D
Note: If you put these videos on YouTube it might be easier. You could make them private videos so that only people with the link could watch them. Just a suggestion.
Thank you for reporting this. From what I can tell you created this to show that a piece of malware which is sandboxed as Partially Limited, under the default settings, is able to communicate without triggering a Firewall alert. Is this correct?
If so, this is not a bug, but sadly a side-effect of the fact that by default all outgoing connections are allowed. If so, you have already created a formatted wish (which has been added to the tracker) here.
Is this what the bypass was, or is there another action which this particular sample was able to accomplish, which is supposed to be blocked by the default configuration?
Thanks.
Thanks for putting it on YouTube. :-TU
You are welcome!
sd ahmad, please answer the questions I asked above. I need to be able to fully understand this in order to judge whether it is a bug or not.
Thank you.
Malicious code based on the full control of the system by hacker
It was controlled by the mouse hacker Internet was slow but the piece was not able to closing
Comodo
You can take any one of the two
Malicious code has been modified and this new video
AND It can also destroy files, but the Internet was slow
I skimmed through that video. From what I saw the other person thought they could close CIS and delete a file on the desktop. However, from what I saw it looked like CIS was not altered and no folders were deleted.
Therefore, Iβm a little bit confused. Was this code actually able to bypass CIS, or did the other person just boast that it could without providing any evidence?
The reason twice the speed of the internet and the hacker could not delete the files but was able to
Stealing files
He has also been deleted files in another test to my friend on Windows 8.1 and succeeded because of that the Internet was fast
Under Partially Limited I believe it is possible for an application to delete files. However, it will not be able to delete files which are flagged as Protected Files and Folders.
Please send me another PM with the sample and I will forward this to the devs for investigation. They will be better able to assess whether this is expected or not.
Thank you.
If it agrees to my terms will send the sample :azn:
As I said before, I can not make any promises that if it protects the Comodo community the devs will not add a hash for this to the AV database. I still do not understand why that would be a problem. You can simply add it to your own exclusions. :o
Are you willing to provide the sample without the conditions you requested? If not then Iβm afraid that I wonβt be able to forward this bug report to the devs as without the sample they will not be able to investigate the issue.
Thanks.
I am I do not have any problem in giving you the sample, but the sample is not a monarchy, and is the only means for the tests do not need to add the sample to the base of Av
This sample was designed to test the strength of protection programs are not used for other purposes
Your English hurts my brain and your reasoning is hurting my common sense. Your so-called report has questionable informational value at best. But as far as practical usefulness goes, you might as well share photo of UFO and declare it as ultimate truth.
Iβm sorry, but in the interest of Comodoβs community (and after discussing this with others) I cannot forward a sample with the condition that if Comodo finds it an immediate danger to the Comodo community they cannot produce a signature for it. The safety of the community always comes first. Also, your reasons for refusing to allow it to be added (which they may not do anyway) does not make sense. I really do not understand why it would be a problem for you if a signature were to be added. Itβs not like Comodo would be stealing your intellectual property.
Thus, as I am worried that more may be going on then I understand, I will move this report to the non-format section, and not forward it to the devs. The only way this can be forwarded is if you are willing to supply Comodo with the sample, understanding that if there is a very good reason for it they may add a signature.
Thank you.
CIS version 7.0.313494.4115 Final has just been released. Therefore, if the issue still occurs please create a new bug report for it in this section of the forum. The required format is provided in this post. Just copy and paste the code. Then replace the question marks with your responses.
Iβm sorry, but as the most recent release is no longer in Beta the Beta bug reporting format can no longer be used. I will therefore move this report to Resolved. If the issue still occurs please do create a new bug report.
If you have any questions please feel free to ask.
Thank you.