06.12.2011, 15:14
ichito napisał(a):Ciekawe czy potwierdzicie te wyniki: Comodo przepadł, GW zaliczył
[Aby zobaczyć linki, zarejestruj się tutaj]
Cytat: Interesting scenario with zeroaccess rootkit. Tested with Comodo HIPS and GesWall
Comodo Defence plus SAFE mode, sandbox enabled, firewall safe mode, AV turned off
GesWall- passed with
- only dll isolated or
- dll and flashplayer.exe both isolated.
ten użytkownik napisał kolejnego posta:
Cytat: i did testing with win 7 in VBox in ubuntu host. CIS on default settings but AV was not installed.
Tried on XP under cover of CTM with same settings but strange thing appeared. Day before yesterday, it was giving a pop up alert that flash...exe wants to get unlimited access, it''s signed but not white listed by comodo, do you want to allow, or sandbox or block. If sandboxed, all is ok but if allowed rootkit is installed. Yesterday i tried again and strangely it says that this eye wants unlimited access but it''s unsigned. That is strange really. I am not able to get previous alert at all.
No such alert on win 7 or may be it''s due to vbox. Can any one test on real win 7 system or vmware?
Also tried with proactive mode with sandbox off. It gives many pop up alerts and is a pass for comodo . I wil post screenshots later.
OA doesn''t give any alert at all but i need to confirm this. I wil post later.
Sorry that i could not test DW and SBIE but i see no reason for them to pass this test.
Comodo nie działa poprawnie na Virtual Boxie (jakies elementy Defense + nie moga wgrac sie poprawnie). Testował później na realnej maszynie i wszystko zadziałało.
[Aby zobaczyć linki, zarejestruj się tutaj]