App Review Those Nasty RATS Part 5

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.
I've talked about this issue since I joined this forum, some security companies listen some where rude and hostile. You can bypass Comodo with DLL drop using TVL files (tested a few days ago).
In real world scenario 90% (or even more) of security products fail against a malware that is more then basic.

Thanks for the video :)
 
  • Like
Reactions: tonibalas, XhenEd, FleischmannTV and 5 others
Excellent! The title could be "everything you ever wanted to know about Comodo configuration and you dind't know who to ask". HIPS FTW! I never trusted them sandboxes... So basically, with the HIPS on, you can avoid deleting the TVL, right?
 
Last edited:
  • Like
Reactions: XhenEd
NullByte said:
I've talked about this issue since I joined this forum, some security companies listen some where rude and hostile. You can bypass Comodo with DLL drop using TVL files (tested a few days ago).
In real world scenario 90% (or even more) of security products fail against a malware that is more then basic.

Thanks for the video :)
Click to expand...


You mean it fails if you use the sandbox or the HIPS too?
 
  • Like
Reactions: tonibalas and XhenEd
Comodo HIPS is a great tool but needs patient to learn it.
Thank you for the video and see you in the fall.
 
  • Like
Reactions: Fuzzfas
NullByte said:
Sandbox

With HIPS depends on you and what you allow or what you block.
Click to expand...

Thanks. Fine then. I 'm used having only the HIPS part activated since v5.10. And it seems i will stay this way. So i can even let the TVL in place. This is great news.
 
  • Like
Reactions: tonibalas
No surprise, HIPS is meant to monitor anything towards on the whole system.

So the malware will have no choice but to undergone such operation without approval.

TVL, still a big dilemma at all so it is more on improving the components as Smart on detection.
 

You may also like...