Author Topic: FP - Trusteer Rapport  (Read 4668 times)

Offline Seany007

  • Star Group
  • Comodo's Hero
  • *****
  • Posts: 2381
  • Comodo Commando
FP - Trusteer Rapport
« on: May 18, 2012, 04:12:47 PM »
Rootkit.HiddenFile[at]0 c:\Users\Admin\AppData\Local\Trusteer\Rapport\user\store\user\rapport_var_1.cfg.data
Proud Comodo User (CIS, CD, CID and CMS)

Offline Qiuhui.Wang

  • First Response Group
  • Comodo's Hero
  • *****
  • Posts: 1432
Re: FP - Trusteer Rapport
« Reply #1 on: May 18, 2012, 04:20:55 PM »
Rootkit.HiddenFile[at]0 c:\Users\Admin\AppData\Local\Trusteer\Rapport\user\store\user\rapport_var_1.cfg.data



Hi Seany007,

Thanks for reporting.
Could you please submit the detected file at
http://internetsecurity.comodo.com/submit.php.

Regards
Qiuhui.Wang

Offline Seany007

  • Star Group
  • Comodo's Hero
  • *****
  • Posts: 2381
  • Comodo Commando
Re: FP - Trusteer Rapport
« Reply #2 on: May 18, 2012, 05:18:19 PM »

Hi Seany007,

Thanks for reporting.
Could you please submit the detected file at
http://internetsecurity.comodo.com/submit.php.

Regards
Qiuhui.Wang

I tried. The upload goes well over 30min for few kilobytes! I think it's trusteer rapport protection system it won't allow.
Proud Comodo User (CIS, CD, CID and CMS)

Offline Seany007

  • Star Group
  • Comodo's Hero
  • *****
  • Posts: 2381
  • Comodo Commando
Re: FP - Trusteer Rapport
« Reply #3 on: May 19, 2012, 09:13:19 PM »

Hi Seany007,

Thanks for reporting.
Could you please submit the detected file at
http://internetsecurity.comodo.com/submit.php.

Regards
Qiuhui.Wang

So? ???
Proud Comodo User (CIS, CD, CID and CMS)

Offline Qiuhui.Wang

  • First Response Group
  • Comodo's Hero
  • *****
  • Posts: 1432
Re: FP - Trusteer Rapport
« Reply #4 on: May 19, 2012, 10:09:42 PM »
So? ???

Hi Seany007,

You can go through the following way

1.Please submit the detected file at http://internetsecurity.comodo.com/submit.php;
2.Sample in the form of  forums accessories upload;
3.Give me about sample VT(https://www.virustotal.com) links.

Regards
Qiuhui.Wang

Offline TrusteerSupport

  • Newbie
  • *
  • Posts: 1
Re: FP - Trusteer Rapport
« Reply #5 on: May 20, 2012, 05:31:46 AM »
Hello Seany007,

We would like to offer you our 24/7 free technical support to address any problems you are having with Trusteer Rapport- sending logs or files, etc.

You can contact the support team at http://www.trusteer.com/support/report-problem .

Regards,
Trusteer Technical Support

Offline Seany007

  • Star Group
  • Comodo's Hero
  • *****
  • Posts: 2381
  • Comodo Commando
Re: FP - Trusteer Rapport
« Reply #6 on: May 20, 2012, 11:19:31 AM »
Hi Seany007,

You can go through the following way

1.Please submit the detected file at http://internetsecurity.comodo.com/submit.php;
2.Sample in the form of  forums accessories upload;
3.Give me about sample VT(https://www.virustotal.com) links.

Regards
Qiuhui.Wang

As I stated above I can't submit. Here is the VT results 100% FP:

https://www.virustotal.com/file/fb31cf12468f6291f1cd047cf26a943b53a49049805017a375ba615b9cd48f46/analysis/1337530306/
Proud Comodo User (CIS, CD, CID and CMS)

Offline Seany007

  • Star Group
  • Comodo's Hero
  • *****
  • Posts: 2381
  • Comodo Commando
Re: FP - Trusteer Rapport
« Reply #7 on: May 20, 2012, 11:20:35 AM »
Hello Seany007,

We would like to offer you our 24/7 free technical support to address any problems you are having with Trusteer Rapport- sending logs or files, etc.

You can contact the support team at http://www.trusteer.com/support/report-problem .

Regards,
Trusteer Technical Support

Thank you for your help :)
Proud Comodo User (CIS, CD, CID and CMS)

Offline Qiuhui.Wang

  • First Response Group
  • Comodo's Hero
  • *****
  • Posts: 1432
Re: FP - Trusteer Rapport
« Reply #8 on: May 20, 2012, 07:49:01 PM »
As I stated above I can't submit. Here is the VT results 100% FP:

https://www.virustotal.com/file/fb31cf12468f6291f1cd047cf26a943b53a49049805017a375ba615b9cd48f46/analysis/1337530306/

Hi,

Thank you for reporting this.
We'll check it and get back to you soon.

Best regards
Qiuhui.Wang

Offline Seany007

  • Star Group
  • Comodo's Hero
  • *****
  • Posts: 2381
  • Comodo Commando
Re: FP - Trusteer Rapport
« Reply #9 on: May 23, 2012, 07:58:18 PM »
Hi,

Thank you for reporting this.
We'll check it and get back to you soon.

Best regards
Qiuhui.Wang


It's been few days now? So? ???
Proud Comodo User (CIS, CD, CID and CMS)

Offline Ionel

  • Comodo Staff
  • Comodo's Hero
  • *****
  • Posts: 849
Re: FP - Trusteer Rapport
« Reply #10 on: May 24, 2012, 05:26:05 AM »
Hi Seany007,

Unfortunately the file with SHA1 ccdf0ee045928ba4b6301163eb98bd5127efc7a6 didn't reach our servers, so we are unable to verify the issue. Have you tried adding respective file to Trusted Files list and/or Exclusions list in CIS? Can you please zip the file and send the archive to us via http://www.comodo.com/home/internet-security/submit.php ?

Thanks and regards,
Ionel
« Last Edit: May 24, 2012, 05:28:03 AM by Ionel »

Offline Seany007

  • Star Group
  • Comodo's Hero
  • *****
  • Posts: 2381
  • Comodo Commando
Re: FP - Trusteer Rapport
« Reply #11 on: May 24, 2012, 12:06:22 PM »
Hi Seany007,

Unfortunately the file with SHA1 ccdf0ee045928ba4b6301163eb98bd5127efc7a6 didn't reach our servers, so we are unable to verify the issue. Have you tried adding respective file to Trusted Files list and/or Exclusions list in CIS? Can you please zip the file and send the archive to us via http://www.comodo.com/home/internet-security/submit.php ?

Thanks and regards,
Ionel

Once again I can't upload it because of the rapport protection system or even CIS itself. I can add this file to trusted files it's not a problem. I do a favor for you so you can improve the AV and get rid of FP. I will try again but I don't think it will work. Is VT evidence not enough? Or you just follow Comodo policy?
Proud Comodo User (CIS, CD, CID and CMS)

Offline Chiron

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 11581
Re: FP - Trusteer Rapport
« Reply #12 on: May 24, 2012, 12:22:10 PM »
[at]Seany007, is it possible that through the offered help from TrusteerSupport you could have them give you a sample of the file in question?

That way you could submit it.

It's at least worth a try, although I agree it really shouldn't be necessary, but perhaps it is for some reason.

Thanks.

 

Seo4Smf 2.0 © SmfMod.Com | Smf Destek