Hey everyone, I hope this is the right place to put it, but the point of this thread is quite self-explanatory really, although I may have posted this in the wrong thread (sorry if that’s so, new here). Hopefully it can be moved to the correct thread.
Basically, I’ve been having a friend bombard me with a few files via MSN, as my confidence with Comodo is, well, very high.
The test was to hit me with a series of password snatchers that relay the information, but I have good news and bad news.
First of all, Comodo passed 2 of 3 tests, immediately seized the file after transfer and I could quarantine or remove the file, just like that.
Unfortunately the third went through the AV/live scan completely, being dismissed, so I’m hoping that it can be examined and then added to Comodo’s database.
If I am allowed, I will upload the file so that it can be examined, but for the moment I will leave you with the screenshots of what the file actually is and the two of three tests that Comodo detected.
http://xs843.xs.to/xs843/09372/troj291.jpg
I hope you excellent folks have some time to spare.
Catacylsm.
I moved your topic to False Positive/Negative reporting - (Is this a malware that CIS has/not detected?).
Please submit the malware as described here:
Hi Guys
No malware (malware sources, links, attachments, etc.) is to be posted here! False positives are fine to be uploaded, but please, if you are willing to share malware on a regular basis, join our Malware Research Group. The other exception is the Malware (Not Detected) thread here. You can upload malware to Comodo Instant Malware Analysis (CIMA) and, rated suspicious or not, the malware will be in AV labs’ hands.
This will make the moderator’s job a lot easier, rather than removing malicious content then sending it to AV Analysts.
Cheers,
Josh
system
September 9, 2009, 1:39am
3
Hi Catacylsm,
If you can find the FP file, you can submit through this link: Comodo Firewall | Get Best Personal Firewall Software for $29.99 A Year. We can go to have a look at it.
Thanks and Regards,
hailong.■■■■
Hey hail, I’ve uploaded the file in a zip file.
The name is Win32.PSW.AGENT.zip, as that’s what Comodo detected the variants as.
The email ID is this account’s one, so you should have no problem verifying it was from me.
As a response to the earlier question, yes, this is malware Comodo has failed to detect, although I haven’t executed the file; if need be I will.
Comodo found 2 variants of this type of file, but not the third.
Happy to help.
Michael.
Cata
Hello,
Thank you for submitting the files. We will take a look at them.
Regards,
Sonia Botezatu.