Review/Test CIS 5.4 on youtube from victorh2007
subtitle in English → (cc-Button)
How was it possible, that malware was able to pass CIS 5.4???
There were infections, detected by malwarebytes and hitman.
Are there any answers?
Thos files were as unrecognized files.
They couldn’t do anything bad.
Files are easily dropped in default setting (partially limited).
The best option regarding security is “blocked”.
You can set it after installing favorite applications.
Actually I think that perhapse partially limited is not enought as default setting…
Thanks for the link, very good channel. On a par with Languy’s and PegHorse’s.
System didn’t get infected, nothing was in memory, normal user even wouldn’t know about any malware in computer, bacuse they wouldn’t be active, he wouldn’t feel them.
As far as I can tell after the reboot nothing was running in memory according to Malwarebyes and Super Antispyware. Hitman Pro also only showed dropped files. In short there were files dropped and a couple of registry keys written but nothing ran in memory.
The Santander bank Actualizador only ran because it was started and then it would be sandboxed. When the user would click no because unknown program wants to access the web the user will be protected.
But I prefer a perfectly clean system after restart (so I use sandboxie), it’s my personal opinion, nothing wrong with comodo, the system is safe, at least in this case. It’s weird to me that, in others tests, the computer was totally clean after reboot…so I’m wondering …why?
It depends on where the malwares used for testing drop their files.
After earing all the test, in the end the testers thinks that the Automatic sandbox virtualizes malware, which is a false statement.
Just like eric said, The files detected from both MalwareBytes and HMP probably where just dropped files.
This new test shows that CIS is very effective if you only set the automatic sandbox on “limited”…then the system is clean!!
I dont understand one thing. I have seen many Rising AV Tests where after the tests there were no active threats. Malwarebytes found registry & file entries like here in the Comodo test. But for Rising people say its a bad AV & for Comodo they say these are dropped files, why? When the things are same in both the cases, no active threats & few registry & files entries.
If that is the case, then most people don’t understand what they’re seeing.
In the second test results were actually better.
In the first test sandbox allowed values to be written to registry, in second did not. In the second test there were only files in temporary folders.
I hope the Comodo correct these flaws.
In one of the test there were no active threats & malwarebytes found few registry & file entries. But hitmanpro found files in windows system 32 & some roaming folder & also mentioned some windows security is changed so it will replace it with the original. So this means the system was infected though there were no active threats, m I right?
May be I can say the system was polluted >:-D >:-D
I haven’t looked at the second video but CIS didn’t let the computer infected; as long as malware aren’t active in memory nothing will happen.