When run, the malware was plopped into containment, where all subsequent malicious spawn was also contained. VirusScope detected and deleted the vbs and Python scripts, and the FW alerted, blocked, and prevented the contained beacon from connecting out.

Note: I've been playing with a pretty piece of malware I came across recently, a Zoom video stealer which does a number of nasty things including (but certainly not limited to) using a batch script to hide the directory containing malicious processes and tools (via an "attrib +s +h +a" batch command), a vbs script, some Python routines, as well as setting the ability to beacon.

Comodo's definitions aren't in the same class as something like K, but who cares as: It does work in that it will detect and delete stuff that Comodo has definitions for (just like any other AV), and being only an on-access thingy it takes essentially no resources. VirusScope is as useful (or as pointless) as any other AV would be.