Author Topic: Malware not detected - 2010  (Read 437005 times)

3xist

  • Guest
Malware not detected - 2010
« on: January 01, 2010, 02:37:11 AM »
All undetected malware is to be posted in this thread.

NOTE: This thread is NOT designed for live malware. DO NOT attach or link any malware or malicious links to your post. Instead include the following:

*Comodo Instant Malware Analysis Link (CIMA): http://camas.comodo.com/
*Virus Total Link: www.virustotal.com
*MD5/SHA1 Value (E.g  SHA1: 1BEA20618B6F66C01EA7D487E076026590E670C0)

Any malware uploaded to CIMA goes straight into Comodo AV Labs. Comodo can also identify malware using MD5/SHA1 Values.

Archive: malwares (not detected)


NOTE: This thread is NOT designed for live malware. DO NOT attach or link any malware or malicious links to your post. Instead include the approperiate CIMA/Virus Total links and MD5/SHA1 values.

V.


Offline haja

  • Comodo Staff
  • Comodo's Hero
  • *****
  • Posts: 703
Re: Malware not detected - 2010
« Reply #2 on: January 06, 2010, 03:47:35 AM »
Hi jake12345,

Undetected Malware

http://camas.comodo.com/cgi-bin/submit?file=dcb1f8687711f55b49da7dc520c05953c68cc83ef6cb2919c1bc4235ad1f027b


Thanks for reporting.We are going to check that and detection will be added,if it is found be a malware.

Regards,
Haja

Offline fOrTy_7

  • Comodo's Hero
  • *****
  • Posts: 599
Re: Malware not detected - 2010
« Reply #3 on: January 06, 2010, 01:02:22 PM »
I came across this link on the web. It's few days old, so might be already covered by CAV.
Anyway, here's the link: http://www.virustotal.com/analisis/9007db1905b00fd326ba4bc08dd254d7add4c75ad1864cdcd74446bdc19cecd1-1262559855

Offline FlorinG

  • Comodo Staff
  • Comodo's Hero
  • *****
  • Posts: 3998
Re: Malware not detected - 2010
« Reply #4 on: January 06, 2010, 01:20:16 PM »
Hello fOrTy_7,

Thank you for your submission. We'll check it and if found to be malware detection will be added.

Best regards,
FlorinG
If possible please post your malware submissions as SHA1 lists (created with HashMyFiles or any other software). Always make sure first you have submitted the samples through CIS.

Offline genetix

  • Comodo Family Member
  • ***
  • Posts: 61
Re: Malware not detected - 2010
« Reply #5 on: January 07, 2010, 12:27:07 PM »
correcting location.
« Last Edit: January 07, 2010, 12:35:45 PM by genetix »

Offline FlorinG

  • Comodo Staff
  • Comodo's Hero
  • *****
  • Posts: 3998
Re: Malware not detected - 2010
« Reply #6 on: January 07, 2010, 12:29:24 PM »
Hello genetix,

Thank you for pointing this to us. We'll check the file and if found to be malware detection will be added.

Best regards,
FlorinG
If possible please post your malware submissions as SHA1 lists (created with HashMyFiles or any other software). Always make sure first you have submitted the samples through CIS.

Offline genetix

  • Comodo Family Member
  • ***
  • Posts: 61
Re: Malware not detected - 2010
« Reply #7 on: January 07, 2010, 12:30:29 PM »
Sadly I think I posted it on wrong forum section.

current v3.13.126709.581 comodo detects this as malware while it's clean memory/DDR toy.

---

I'll still add these links it looks back to here.. Since the sticky topic 'NO MALWARE TO BE POSTED HERE' is locked topic for some reason...

http://camas.comodo.com/cgi-bin/submit?file=95e512f878448fb3b3829fde160343ac8f775f2645b54b3e42ccb14943bd1d38
http://www.virustotal.com/analisis/95e512f878448fb3b3829fde160343ac8f775f2645b54b3e42ccb14943bd1d38-1248707784
« Last Edit: January 07, 2010, 12:38:01 PM by genetix »

Offline Ionel

  • Comodo Staff
  • Comodo's Hero
  • *****
  • Posts: 3580
Re: Malware not detected - 2010
« Reply #8 on: January 07, 2010, 12:40:54 PM »
Hi genetix

Sadly I think I posted it on wrong forum section.

current v3.13.126709.581 comodo detects this as malware while it's clean memory/DDR toy.


We will verify these and if they're found to be false-positives, detection will be removed.

Regards,
Ionel

shaogang.he

  • Guest
Re: Malware not detected - 2010
« Reply #9 on: January 07, 2010, 09:30:14 PM »
Sadly I think I posted it on wrong forum section.

current v3.13.126709.581 comodo detects this as malware while it's clean memory/DDR toy.

---

I'll still add these links it looks back to here.. Since the sticky topic 'NO MALWARE TO BE POSTED HERE' is locked topic for some reason...

http://camas.comodo.com/cgi-bin/submit?file=95e512f878448fb3b3829fde160343ac8f775f2645b54b3e42ccb14943bd1d38
http://www.virustotal.com/analisis/95e512f878448fb3b3829fde160343ac8f775f2645b54b3e42ccb14943bd1d38-1248707784
Hi,genetix
This false-positive has been fixed. Please check in virus signature database 3505
Thanks and Regards
Shaogang

Offline genetix

  • Comodo Family Member
  • ***
  • Posts: 61
Re: Malware not detected - 2010
« Reply #10 on: January 08, 2010, 03:09:28 AM »
Hi,genetix
This false-positive has been fixed. Please check in virus signature database 3505
Thanks and Regards
Shaogang

Yeah, checking.. and I got here like 10-20 others too (not sure how to post these Comodo detects 29 virukses/false-positives on my network/hardware toys alone). basic useful toys which doesn't pass test. There's still issues on Comodo on every single version of 'Mirc' as Unclassified same with almost all Everest builds and SIW/SIV same with FTP server software. Like everything that goes to network is malware while that is exactly what should be protected/monitored (only an opinion).



There's one weird one which I just got to post here:
http://blocklistpro.com/download-center/start-download/blocklist-manager/1437-blocklist_manager_install_2.7.7.exe.html
and MD5s to that are:
eb26ebec97155a1892c2c228efdcdbc0 *Blocklist_Manager_Install_2.7.7.exe
http://www.virustotal.com/analisis/f275fae7142a645568e146cc5ffa85b22e9c3d8d26569d011dca104bff2bacb2-1262610221

This one is clean however it still has really nasty toy box with it. :)
« Last Edit: January 08, 2010, 03:26:36 AM by genetix »

Offline Vaishnavi

  • Comodo's Hero
  • *****
  • Posts: 376
Re: Malware not detected - 2010
« Reply #11 on: January 08, 2010, 05:52:13 AM »
« Last Edit: January 08, 2010, 05:54:59 AM by Vaishnavik »

Offline genetix

  • Comodo Family Member
  • ***
  • Posts: 61
Re: Malware not detected - 2010
« Reply #12 on: January 08, 2010, 06:52:13 AM »
Hi genetix,

Details for this type of detection can be found in: https://forums.comodo.com/false-positivenegative-reporting-is-this-a-malware-that-cis-hasnot-detected/cis-malware-naming-rules-for-potentially-dangerous-applicationsriskware-t38506.0.html;msg277700#msg277700

yeah, I know specially something like 'ApplicUnwnt' is totally idiotic style of even consider activating this kinda modes anywhere as people like myself uses VNC's, RDP's, hundreds of different sort of servers & tests new software nearly daily basis. It's damn problematic while comodo just keeps blaming virukses or well 'unwanted' on almost everything that in this world has any purpose to be installed. In this case it's same as it would say Firefox is ultimate threat or Opera as they also can act as servers can act as Mirrors to system.

Note:If you suspect a file as FP, you can follow any one of the way found here: https://forums.comodo.com/false-positivenegative-reporting-is-this-a-malware-that-cis-hasnot-detected/how-to-report-false-positives-please-read-this-before-submitting-t44473.0.html

Regards,
Vaishnavi.V.K

Now here's a large issue. I know there's a lot of False-positives hell I use atm multiple softwares which comodo sees as virus not even so called an 'unwanted'. Basically, problem comes on registerations on some of the software as I am not allowed to send this kind of software straight up or simply because some of the softwares are in Beta/Alpha not publicly available like most of the Benchmarking softwares.

However, doesn't take too much while looking around basic hardware toys to find FPs. Just wanted to say that no people will send you files which are either not legit or registered the way original program files are patched to register.

Offline haja

  • Comodo Staff
  • Comodo's Hero
  • *****
  • Posts: 703
Re: Malware not detected - 2010
« Reply #13 on: January 10, 2010, 12:35:24 AM »
Hi jake12345,

Undetected Malware

http://camas.comodo.com/cgi-bin/submit?file=dcb1f8687711f55b49da7dc520c05953c68cc83ef6cb2919c1bc4235ad1f027b

Detection has been added.Please check with DB 3529 of CIS 3.13.126709.581


Regards,
Haja

Offline FlorinG

  • Comodo Staff
  • Comodo's Hero
  • *****
  • Posts: 3998
Re: Malware not detected - 2010
« Reply #14 on: January 11, 2010, 08:57:15 AM »
I came across this link on the web. It's few days old, so might be already covered by CAV.
Anyway, here's the link: http://www.virustotal.com/analisis/9007db1905b00fd326ba4bc08dd254d7add4c75ad1864cdcd74446bdc19cecd1-1262559855

Hello,

Detection for  the submitted sample has been added. You can check with DB 3514 of CIS.

Best regards,
FlorinG
If possible please post your malware submissions as SHA1 lists (created with HashMyFiles or any other software). Always make sure first you have submitted the samples through CIS.

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek