- Apr 13, 2013
- 3,224
I'd love to test it now with VS installed but I'm about to board a plane back to NYC.
Comodo FW bypass malware the sandbox (sandbox hips off + on) and voodooshield (autopilot)
- Thread starter Davidov
- Start date
It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.
- May 11, 2014
- 1,639
Enjoy your flight Cruelsister, maybe you could test this on board to pass the time! 
- Jul 3, 2015
- 8,153
you can't retest it on VS, because by now, the malware is known, and VS relies on VT.Either way, he should try and test it with only VoodooShield installed. That would get rid all doubts(...or not)
Default deny-people
VT has no importance, the concept in the original video is that VS didn't blocked it when "block" was pressed. Cruelsister just has to put VS on Always ON , she will get the prompt despite the file being rated on VT
- Jul 3, 2015
- 8,153
thanks for pointing that out.
autopilot has a lot of flaws. I stay away from it.
- Jan 4, 2016
- 1,022
Anyone knows which are the three big Ai vendors mentioned by VS developer on wilders?
Last edited:
- Nov 19, 2014
- 2,350
CrowdStrike Falcon (ML),Invincea and Tencent use machine learning. Qihoo-360 also claims to do that.
VirusTotal Blog: Search results for machine learning
- Jan 4, 2016
- 1,022
- Nov 19, 2014
- 2,350
Edited my reply for more info. Check it.
- Jan 4, 2016
- 1,022
So, basically Voodoooshield is using Crowd strike, Invincea and Tencent machine-Learning technique for Voodoo AI?
- Nov 19, 2014
- 2,350
No, why do you say that? He just said that the other AI engines also didn't detect the malware.
- Mar 1, 2014
- 1,708
I don't think so.
I think the dev just meant that it's not only VAi that got the file as "safe" because even those 3 marked the file as safe.
- Mar 15, 2011
- 13,070
There so many possible instances that Comodo Sandbox may bypass like:
For sure it can be human error or such mistaken to the configuration. unless I'm wrong.
- Influence of cloud rating
- Signatures
- Behavior pattern
For sure it can be human error or such mistaken to the configuration. unless I'm wrong.
- Jan 4, 2016
- 1,022
I thought he was talking about Voodoo AI, instead he was meaning those other AI engines. I understood, thank you
- Aug 22, 2013
- 886
I have seen " comodo virtual service manager" getting turned off at times if you install comodo after installing voodoo. I don't know for sure if this is reproducible or is the cause of misbehavior.
- Jul 3, 2015
- 8,153
I was running a CFW and VS combo at the time that this video was published, and the comodo virtualization worked just fine
- Sep 9, 2012
- 470
voodooshield not already bypassed by malware
1) Large detection VT
2) The suspiciously for UI
3) Maybe Even the developer took Precautions against bypass in cloud UI
These are my guesses
4)Maybe even with Comodo voodooshield together produced a mistake.
Testing the free version (lockdown) with modifications + premium (lockdown)+ autopilot everything clean
Try again later samotny Comodo Firewall .-))
thanks for watching
part1)
After rebooting pc
part2)
1) Large detection VT
2) The suspiciously for UI
3) Maybe Even the developer took Precautions against bypass in cloud UI
These are my guesses
4)Maybe even with Comodo voodooshield together produced a mistake.
Testing the free version (lockdown) with modifications + premium (lockdown)+ autopilot everything clean
Try again later samotny Comodo Firewall .-))
thanks for watching
part1)
After rebooting pc
part2)
Last edited:
- Jul 3, 2015
- 8,153
comodo has once again shown itself to be buggy and produce unpredictable behavior.
at least voodooshield is trying to learn from mistakes
at least voodooshield is trying to learn from mistakes
- Sep 9, 2012
- 470
Valkyrie recognize the file as malware, but it still takes commodes FW file as safe (Installer) file? How is it possible.
Well, I tested AutoSandbox it is useless again be infected because the file is safe by Comodo.A sandboxed not like yesterday.
Advanced File Analysis System | Valkyrie
- Apr 13, 2013
- 3,224
David- at 22 seconds of the video above (and at 22 seconds of the original video) there is a Sandbox setting in the 3rd position. This is a general setting that had to be created as it is not default. At Default Comodo would only have the General settings in positions 4, 5, and 6.
As a comparison look at the 49 second mark of my video (post 29). You can disregard the first 2 (Ignore) as these are specific to SeaMonkey and Java.
So where did this General Rule on your video come from?
As a comparison look at the 49 second mark of my video (post 29). You can disregard the first 2 (Ignore) as these are specific to SeaMonkey and Java.
So where did this General Rule on your video come from?