Comodo Internet Security 6 BETA Test and Review by Malware Doctor

NSG001 · October 20, 2012, 5:44pm

:-TU

http://malwaretips.com/Thread-Comodo-Internet-Security-6-Beta-Test-MalwareDoctor

Any questions about this video should be directed to reviewer:

spywar · October 20, 2012, 5:45pm

Thanks for sharing it ;D

wonderlust76 · October 20, 2012, 6:04pm

Something went wrong in the second part of the test, why automatic sandbox didn’t react?!

NSG001 · October 20, 2012, 6:04pm

Exactly my thoughts, no alerts whatsover ???

spywar · October 20, 2012, 9:18pm

He was on ProActive mode no ? So that explains why he had not any automatic sandbox alerts as BB is disable on Proactive mode …

clocks · October 20, 2012, 9:36pm

No he wasn’t. He said he was on the host machine, but not in the VM. He had it set to the default, Internet Security.

Whoop-dee-doo · October 20, 2012, 9:48pm

I watched most of the video (did a little fast forwarding). As far as I can tell, after he ran the malware files from his desktop, he:

Did not Show what happened when he tried to scan with Comodo
Did not show whether or not he emptied sandbox prior to rebooting
Did not show running processes in Killswitch after he ran the malware (the files shown in killswitch were still being analyzed when he cut the video! it would have been nice to see if the malware was restricted or viritualized when it initially ran, but he never showed this).
Did not say if he shut down his computer or did power-off because of a freeze.
Did not specify if he was running on a virtual machine, although he implied that he was on VM when he was talking about CIS configuration. So, which virtual machine? (Comodo does not work properly on all virtual machines).

The above information could be helpful to determine why he got those results.
Based on the CIS settings he showed, I too would have expected to see some behavior blocker alerts.
Maybe he can submit a bug report which includes the above info, so whatever happened can be addressed. Or maybe he can PM a mod with the malware files so we can try to reproduce the issue (and then we can submit the bug report).

spywar · October 20, 2012, 11:09pm

Ok, so why threats were not automatically cleaned ? And no autosandbox alert ? Do not understand …

khanyash · October 20, 2012, 11:44pm

He unticked the option “dont show alert” in AV.

Definitely something wrong in the second part, no autosandbox alert :o

Fake AV got installed & other malware & no autosandbox alert was there but MBAM didn’t showed any active malware?

Would he provide the 44 samples?

ahmedhhw · October 21, 2012, 3:28pm

When the AV is disabled COMODO’s icon changes to alert about it
When the sandbox is disabled COMODO’s icon stays the same
I am very suspicious about this test >:-D

spywar · October 21, 2012, 3:49pm

Me too …