Author Topic: ccekrnl.xp.dat is a trojan?  (Read 879 times)

Offline User Name

  • Comodo Family Member
  • ***
  • Posts: 64
ccekrnl.xp.dat is a trojan?
« on: August 16, 2019, 08:58:05 PM »
I have run McAfee Stinger64 and has considered ccekrnl.xp.dat (Artemis!68F32F1B4847) as a trojan.


Offline Mathi R

  • Global Moderator
  • Comodo Loves me
  • *****
  • Posts: 149
Re: ccekrnl.xp.dat is a trojan?
« Reply #1 on: August 20, 2019, 12:43:34 AM »
Hi  User Name,

Could you please share the file ccekrnl.xp.dat to us for analysis.

Thanks,
Mathi R
« Last Edit: August 20, 2019, 01:25:06 AM by Mathi R »

Offline User Name

  • Comodo Family Member
  • ***
  • Posts: 64
Re: ccekrnl.xp.dat is a trojan?
« Reply #2 on: August 20, 2019, 05:26:55 AM »
OK; NP Mathi R,
btw the ccekrnl.xp.dat file is located in c:program/comodo/comodo internet security.

Offline User Name

  • Comodo Family Member
  • ***
  • Posts: 64
Re: ccekrnl.xp.dat is a trojan?
« Reply #3 on: August 20, 2019, 09:22:45 PM »
Update I let McAfee Stinger run again... now it found another trojan :
C:\Program Files\COMODO\COMODO Internet Security\ccekrnl.dat [MD5:a2514e9e51e6ea08b943da241993dc4a] is infected with Artemis!A2514E9E51E6

Offline Mathi R

  • Global Moderator
  • Comodo Loves me
  • *****
  • Posts: 149
Re: ccekrnl.xp.dat is a trojan?
« Reply #4 on: August 21, 2019, 01:42:51 AM »
Hi  User Name,

Thanks for sharing the file, our developers are checking it. I'll update its status soon. :-TU

Offline User Name

  • Comodo Family Member
  • ***
  • Posts: 64
Re: ccekrnl.xp.dat is a trojan?
« Reply #5 on: August 23, 2019, 08:27:15 AM »
Hi Mathi R;
are there now some new infos from the developers? After Stinger put the files in quarantine; I let comodo run the support diagnostic scan, it found no errors but after hitting the update button comodo has redownloaded the same version which already runs on my system.
Best regards
User Name

Offline futuretech

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 5208
Re: ccekrnl.xp.dat is a trojan?
« Reply #6 on: August 23, 2019, 10:35:36 AM »
It is a false positive, I'm not sure why anyone would think Comodo would ship malware. Those files are the kernel mode driver for Comodo Cleaning Essentials.

Offline User Name

  • Comodo Family Member
  • ***
  • Posts: 64
Re: ccekrnl.xp.dat is a trojan?
« Reply #7 on: August 23, 2019, 11:13:02 AM »
It is a false positive, I'm not sure why anyone would think Comodo would ship malware. Those files are the kernel mode driver for Comodo Cleaning Essentials.
TY for your answer, well but it wouldnt be the 1st time that big IT companies was hacked and files hijacked- we saw that in the past with VLC-player and CCleaner. And if a Antimalware detects/consider a file/data as some kind of malware it should be always good to check that file/data.

Online kyl

  • Comodo's Hero
  • *****
  • Posts: 242
Re: ccekrnl.xp.dat is a trojan?
« Reply #8 on: August 23, 2019, 02:56:35 PM »
very common that some avs flags other avs as malware/dangerous

Offline Mathi R

  • Global Moderator
  • Comodo Loves me
  • *****
  • Posts: 149
Re: ccekrnl.xp.dat is a trojan?
« Reply #9 on: August 24, 2019, 02:42:59 AM »
Hi  User Name,

It is a false positive. The issue has been reported to Macfee, soon the verdict will be changed for those files.

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek