Author Topic: Report trusted and whitelisted malware here- 2016 (NO LIVE MALWARE!)  (Read 10446 times)

Offline devilbat

  • Comodo Loves me
  • ****
  • Posts: 176
Re: Report trusted and whitelisted malware here- 2016 (NO LIVE MALWARE!)
« Reply #45 on: March 11, 2016, 02:24:25 PM »
You are wrong again, this vendor was removed within 24 hours from your original post. Also please stop spamming the same post in multiple forum threads.

I had removed my post in this thread because my initial intention was to post in the Unfixed FP thread, however I posted it here by mistake. Strangely my removed post re-appeared here, so no, I am not spamming, it was a mistake. Regarding the mentioned vendors, all of them are still on the Trusted Vendors List on my end, strangely. But whatever.

Offline FlorinG

  • Comodo Staff
  • Comodo's Hero
  • *****
  • Posts: 3557
Re: Report trusted and whitelisted malware here- 2016 (NO LIVE MALWARE!)
« Reply #46 on: March 11, 2016, 02:38:52 PM »
Hello devilbat,

1. When you originally posted here, I replied to you in just a few minutes, your post was not yet deleted. After submitting my reply I noticed a mistake in my post so I clicked the "remove" button and that probably happened in the exact moment when you decided to also delete your post. Then I noticed both posts (mine and yours) disappeared and I thought that was my bad and I went and restored them. I'm sorry for the confusion. Anyway, this is the right thread for this issue, not the "Unfixed FP" thread.

2. I said this vendor "ZZZ-PC\zzz" was removed because I handled that post when you submitted it. I'll ask HariKrishnan to respond regarding the others.

Best regards,
FlorinG
If possible please post your malware submissions as SHA1 lists (created with HashMyFiles or any other software). Always make sure first you have submitted the samples through CIS or CIMA.

Offline HariKrishnan

  • First Response Group
  • Comodo Loves me
  • *****
  • Posts: 163
Re: Report trusted and whitelisted malware here- 2016 (NO LIVE MALWARE!)
« Reply #47 on: March 14, 2016, 07:23:04 AM »
AV Database: 24509

Two Unfixed Whitelisted Malware reports:

Hi devilbat,
    The following files are not Adware/Potentially Unwanted Programs(PUP).
[Software995 Inc.]
SHA1: 91dd7e40ee4f31e2dfa59af6446ea7debf90f6c9
SHA1: edf6a077ee701a534845e7df6ed2db488d4649a8
SHA1: 370ccf035a476e1dff36cbb4495acb4e1e21cf42

[CleanMyPC Software],[CleanMyPC Technology Limited]
SHA1: 1a2c58c3b1cfd4ceb170b79f806e5ec25c04b857
SHA1: ded907cbcbda0884d63765d0548bf830b2aefb12
SHA1: 1fc50796162a30fb0d8d70b028e0674b7578d691
SHA1: e5ef8710329b4983b7fd67d509a1eecd36073aca
SHA1: 53d6a08cb9bc9f5c077d39f10586139c57dab26a

[Mail.com Media Corporation]
SHA1: bb88dbb5d2d87afe7849ac22f34d082c501256ed

Regards,
Harikrishnan M


Offline FlorinG

  • Comodo Staff
  • Comodo's Hero
  • *****
  • Posts: 3557
Re: Report trusted and whitelisted malware here- 2016 (NO LIVE MALWARE!)
« Reply #49 on: March 25, 2016, 02:57:15 PM »
Hello qmarius,

Thank you for sharing these, we'll check them.

Best regards,
FlorinG

Offline BlueTesta

  • Star Group
  • Comodo's Hero
  • *****
  • Posts: 482
Re: Report trusted and whitelisted malware here- 2016 (NO LIVE MALWARE!)
« Reply #50 on: April 10, 2016, 07:43:05 AM »
Comodo cloud lookup: Trusted

File name: api-dmrc.exe
Product name: Njjsrg
SHA256:    e2c567f2c5dde5934a1bfa9dc3bcb745a601b34ab20fff25e0b8241313f9829f

https://www.virustotal.com/en/file/e2c567f2c5dde5934a1bfa9dc3bcb745a601b34ab20fff25e0b8241313f9829f/analysis/
23/57
« Last Edit: April 10, 2016, 07:47:16 AM by BlueTesta »
"Everybody is a genius. But if you judge a fish by its ability to climb a tree, it will live its whole life believing that it is stupid."

Offline Sathish P

  • First Response Group
  • Comodo Loves me
  • *****
  • Posts: 197
Re: Report trusted and whitelisted malware here- 2016 (NO LIVE MALWARE!)
« Reply #51 on: April 10, 2016, 07:56:54 AM »
Hi BlueTesta,

Thank you for your submission.
We'll check it and, if it is found to be malware, detection will be added.

Regards,
Sathish

Offline Sathish P

  • First Response Group
  • Comodo Loves me
  • *****
  • Posts: 197
Re: Report trusted and whitelisted malware here- 2016 (NO LIVE MALWARE!)
« Reply #52 on: April 16, 2016, 04:53:38 AM »
Hi Dis,

Thank you for your submission.
We'll check them and, if they are found to be malware, detection will be added.

Regards,
Sathish

Offline yigido

  • Malware Research Group
  • Comodo's Hero
  • *****
  • Posts: 5691

Offline FlorinG

  • Comodo Staff
  • Comodo's Hero
  • *****
  • Posts: 3557
Re: Report trusted and whitelisted malware here- 2016 (NO LIVE MALWARE!)
« Reply #54 on: April 18, 2016, 02:59:04 PM »
Hello yigido,

Thank you for reporting this, we'll check it.

Best regards,
FlorinG

Offline meldan

  • First Response Group
  • Comodo's Hero
  • *****
  • Posts: 3245
Re: Report trusted and whitelisted malware here- 2016 (NO LIVE MALWARE!)
« Reply #55 on: April 23, 2016, 02:02:59 PM »
Hi,

Thank you for your submission, we'll check it and get back to you.

Kind Regards,
Erik M.


Offline HariKrishnan

  • First Response Group
  • Comodo Loves me
  • *****
  • Posts: 163
Re: Report trusted and whitelisted malware here- 2016 (NO LIVE MALWARE!)
« Reply #57 on: May 02, 2016, 12:28:00 AM »
Hi morphiusz,

Thank you for reporting, we'll check it.

Regards,
Harikrishnan M

Offline BlueTesta

  • Star Group
  • Comodo's Hero
  • *****
  • Posts: 482
Re: Report trusted and whitelisted malware here- 2016 (NO LIVE MALWARE!)
« Reply #58 on: May 12, 2016, 07:29:36 PM »
Trusted by Comodo Cloud Lookup

File name: mdxi_306.exe
SHA256:    be2db64d639be134d1d03c75cfbcd7de396e3d5171f40b5a419a8ab690e41c1b

Virustotal 16/57:  Adware, Trojan, Riskware, Rogue
https://www.virustotal.com/en/file/be2db64d639be134d1d03c75cfbcd7de396e3d5171f40b5a419a8ab690e41c1b/analysis/1463094681/

Chinese program that auto-installs itself without any kind of interface.
Hidden Location: C:\Users\User Name\AppData\Roaming\mdxi

No way to uninstall from Programs and Features
Folder must be deleted manually.
« Last Edit: May 12, 2016, 07:42:12 PM by BlueTesta »

Offline Qiuhui.Wang

  • Comodo Staff
  • Comodo's Hero
  • *****
  • Posts: 2100
Re: Report trusted and whitelisted malware here- 2016 (NO LIVE MALWARE!)
« Reply #59 on: May 12, 2016, 11:18:25 PM »
Hi BlueTesta,

Thank you for your submission.
We'll check these.

Best regards
Qiuhui.Wang

 
