Avast 7 can not automatically sandbox the malware downloaded from Blackhole exploit kit.
XP Pro SP3 32bit partially limited --> popup an alert window limited --> popup an alert window restricted --> block automatically untrusted...
sandbox level: partially limited
switch to "block" ;D [ATTACH]
The manual sandbox will be disabled, too.
1.exit comodo 2.delete these files C:\Program Files\COMODO\COMODO Internet Security\database\vendor.h C:\Program Files\COMODO\COMODO...
If the user adds an item to the protected files, then COMODO auto sandbox will block it. ?:\* ----------------------- So, the problem is...
This method is only for the user who enables "auto sandbox".
There will be no additional popups if you add this rule and enable "partially limited".
CIS auto sandbox can block the malware by adding one rule to the protected files and folders. ?:\* [ATTACH]
http://www.matousec.com/projects/proactive-security-challenge/results.php [ATTACH] [ATTACH] [ATTACH]
BB might be deceived by the trojan Sinowal/Mebroot, because the process of the malware is regsvr32.exe. Threatfire is bypassed by the malware.
1. I went to the exploit url, comodo popuped alert windows, but AVG link scanner did not. :o [ATTACH] 2. Then, I clcked on the button,...
1.I went to the exploit url, comodo popuped alert windows, but threatfire was not. [IMG] [ATTACH] 2.I opened the active process list from...
CIMA: http://camas.comodo.com/ FVS: https://valkyrie.comodo.com/ site inspector: http://siteinspector.comodo.com/public
They both failed. :(
1. double click on the malware 2. the fake blue screen is out 3. AVG IDP popups an alert window 4. rollback 5. failed :-[
Treat unrecognized files as partially limited the language of the OS 1.Traditional Chinese failed to block 2.Simplified Chinese...
There are two ways to prevent the COMODO sandbox from being bypassed by the TDSS rootkit. 1.choose Limited [ATTACH] OR 2.right click...
1.When you double click on the infected usb disk, explorer.exe executes rundll32.exe with command line. But OA does not popup an alert window....
This ia a dll file, not a exe file. So, you can not execute the virus with "run safer"
There is not a check box, "run safer", in the alert window. :gack:
another virus which bypass OA 1.copy the two files to usb disk Thumbs.lnk AutoRun.Inf 2.double click on the disk of the usb 3.OA popup...
[ATTACH] I download the OA++ in the following website. http://www.online-armor.com/downloads.php
1.The virus is in the Chinese language path. [IMG] 2.The virus is in the English language path. [IMG] [IMG] [IMG] Conclusion:...
Separate names with a comma.
