malware's bypasses Defence+ easily without alerts

Hey Guys Here is the Video of My Computer showing how the malwares bypass defence+ on my win7 x64 this is my first video so please forgive me if there are any minor mistakes Anyways i am not Languy99

thanks for the video, i am seeing the exact same problem on win7 x64 also

It is probably because one of the other utilities installed in your computer causing this issue. Everything is fine and we can not reproduce what you are seeing.

Other security tools can actually disable one another unintentionally. Pls try to see if this is the case for you.

sorry to ■■■■ in , egemen… but even if you copy files across partitions, you still cannot see them being trusted?

i suppose all of us who are seeing this issue should list all our security -related programs to see if we can narrow it down to a few suspects.

thanks.

i’m going to try this again on windows 64 bit, I had no problems with 32 bit. I’ll report my results

sorry but I can not reproduce it at all, what programs are you running on the system along with CIS??

[attachment deleted by admin]

The list of programs Running are as follows
Secunia PSI v2.0.0.3003
Speedfan v4.44
Systemexplorer v3.5.2.4147
shadow defender v1.1.0.331

i have also installed kingsoft pc doctor v3.0 ( it was not instlled at the time when i tested the malware or when the video was done)

Everything else seems to be sandboxed or working fine except the 4 malware files then too I think i will do a clean installation of windows 7 x64 and see if the problem still exist but then it would take atleast 10-12 hour to update till date and to post the results since my windows will take time to update since i am on a slow internet connection

see screenshots for all installed software

[attachment deleted by admin]

might be shadow defender, I will do some testing tomorrow on it.

In my machine all executables were considered safe. Unticking the automatically detect installers helped (at least partially) because the files were treated like installers in process list.

I am usin Malwarebytes on-acces scanner and Panda cloud but I DON*T have Comodo antivirus installed.
I always disable both programs before testing.
In version 5.5. D+ worked fine with the same configuration.

i have only mbam free and MSE. ???

anyway, i mainly see this problem when running executables from a non system partition for instance like the issues here

https://forums.comodo.com/format-verified-issue-reports-cis/unrecognized-file-marked-as-trusted-issue-262-t61787.0.html

and here

https://forums.comodo.com/format-verified-issue-reports-cis/sandboxd-bug-when-deleting-untrusted-files-t77569.0.html

however, MOUSE1 has an idea what may be causing it in this thread

https://forums.comodo.com/defense-sandbox-help-cis/i-still-wonder-what-disables-my-d-t77985.0.html

Ok Guys I did A fresh Installation of Windows 7 x64 updated till date And only installed CIS and nothing else and still the malwares were able to bypass defence+ so i guess there is no conflict from any software except there is a flaw in defence+ which needs to be fixed hope it gets fixed soon

Let me see what is going on in your computer. Can you please PM me your MSN messenger address so that i can get access to your PC and do some tests?

Yea sure why not and if you need admin prefrence i even have teamviewer installed on my computer you can test it through team viewer as well TeamViewer – The Remote Connectivity Software

loveboy_lion

if it’s not too much trouble, would you mind updating this thread if your problem was sorted? i’d like to try the same solution on my pc

Excellent. Pls PM me your MSN address and lets get this going.

I PM u my MSN address incase you miss it its loveboy_lion@hotmail.com msg me for full admin rights

And…what did you find out?

egemen still awaiting for your responce my msn id is loveboy-lion@hotmail.com and i am waiting eagerly for you to do your test on my pc since i am not using it unless you do your tests and conform results

Please note that you may not hear from him on the weekend.

Egemen checked and tested my Computer and is working on a fix he will do some tests after 10-12 hrs and also try some custom fixes etc so that the problem is sorted out as soon as possible cant say much exccept that There is no need to worry guys as we all know comodo is the best so the devs will take care of the rest