App Review Comodo FW bypass malware the sandbox (sandbox hips off + on) and voodooshield (autopilot)

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
There so many possible instances that Comodo Sandbox may bypass like:
  • Influence of cloud rating
  • Signatures
  • Behavior pattern
But in such concept, any file no matter if file-less or what so over; once run on sandbox then anything will be intact virtualized thus the traces will not cause leakage.

For sure it can be human error or such mistaken to the configuration. unless I'm wrong.
 

TheMalwareMaster

Level 21
Verified
Honorary Member
Top Poster
Well-known
Jan 4, 2016
1,022
No, why do you say that? He just said that the other AI engines also didn't detect the malware.

I don't think so.
I think the dev just meant that it's not only VAi that got the file as "safe" because even those 3 marked the file as safe.
I thought he was talking about Voodoo AI, instead he was meaning those other AI engines. I understood, thank you
 

Brahman

Level 16
Verified
Top Poster
Well-known
Aug 22, 2013
799
Maybe as Cruelsister stated you cannot run both together, both are similar in their actions, therefore Voodooshield could be blocking Comodo, but you are unaware of it.

I have seen " comodo virtual service manager" getting turned off at times if you install comodo after installing voodoo. I don't know for sure if this is reproducible or is the cause of misbehavior.
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
I have seen " comodo virtual service manager" getting turned off at times if you install comodo after installing voodoo. I don't know for sure if this is reproducible or is the cause of misbehavior.
I was running a CFW and VS combo at the time that this video was published, and the comodo virtualization worked just fine
 

Davidov

Level 10
Thread author
Verified
Well-known
Sep 9, 2012
470
voodooshield not already bypassed by malware
1) Large detection VT
2) The suspiciously for UI
3) Maybe Even the developer took Precautions against bypass in cloud UI
These are my guesses
4)Maybe even with Comodo voodooshield together produced a mistake.

Testing the free version (lockdown) with modifications + premium (lockdown)+ autopilot everything clean

Try again later samotny Comodo Firewall .-))

thanks for watching

part1)

After rebooting pc

part2)
 
Last edited:

Davidov

Level 10
Thread author
Verified
Well-known
Sep 9, 2012
470
comodo has once again shown itself to be buggy and produce unpredictable behavior.
at least voodooshield is trying to learn from mistakes

Valkyrie recognize the file as malware, but it still takes commodes FW file as safe (Installer) file? How is it possible.

Well, I tested AutoSandbox it is useless again be infected because the file is safe by Comodo.A sandboxed not like yesterday.

Advanced File Analysis System | Valkyrie

 

cruelsister

Level 42
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,133
David- at 22 seconds of the video above (and at 22 seconds of the original video) there is a Sandbox setting in the 3rd position. This is a general setting that had to be created as it is not default. At Default Comodo would only have the General settings in positions 4, 5, and 6.

As a comparison look at the 49 second mark of my video (post 29). You can disregard the first 2 (Ignore) as these are specific to SeaMonkey and Java.

So where did this General Rule on your video come from?
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top