OmeletGuy, pls. check you pm folder. sent you the sample. password is infected
languy99, thats the problem. i guess it needs to be fixed.
i’m using proactive internet security and more importantly i could able to see below entry under D+ → My Protected Files = %windir%\system32*. So, logically i guess an alert or entry should be blocked. or else am i missing some thing??
Can you please send me PM me the link for the malware? Also can you please try without Sandboxie inside a virtual machine? IT is quite possible that Sandboxie redirects the file system requests and the actual file modification is not really the hosts file but something else. This might be the reason.
However lets be sure. Pls PM me the link and let me test.
There we go again… hey man, this guy is LAUNCHING an INSTALLATION program! So what did you expect? wanna install something and then tell D+ to block it??? While I am using CIS3.9 and love it, still think Comodo could/should something about this kind of passing the ball back to user situation… and my threatcast still not working… ■■■■… >:(
i'm using proactive internet security and more importantly i could able to see below entry under[b] D+ --> My Protected Files = %windir%\system32\*[/b]. So, logically i guess an alert or entry should be blocked. or else am i missing some thing??
The install.exe did not try to access this Path…
Because it was running in the Sandbox, it tried to access this Path instead…