I found this file L2.exe that is trusted by Comodo but is detected by Malwarebytes and many on virus total as malicious. L2.exe and a reg file was created by an exe (netline.exe) which is flagged by comodo AV as a trojan. From what someone said on virus total it could be a client for some sort of billing system. Could the original exe be using L2.exe to steal data??? but then why would malwarebytes and others flag L2.exe as malware?
Cheers.
Shaun
I still have the files if anyone wants them.
Hi Shaun,
Thank you for your submission. We’ll check this and get back to you soon.
Kind Regards,
Erik M.
I submitted L2.exe (same MD5) about a week ago via CIMA and via CIS interface and, indeed, it is still undetected.
I sent L2.exe via the web interface; however, I no longer have the file that dropped L2.exe.
Whoop
I have sent netline.exe the file that drops L2.exe and a a reg file.
cheers
shaun
Hi Shaun,
Thank you for your submission. We’ll check this and get back to you soon.
Kind Regards,
FangFang
Hi MetalShaun,
Reported FP is fixed.You can confirm this with DB V6351.
Regards,
Vaishnavi.V.K
Really?? i wasn’t reporting it as a FP but as potential malware that was trusted. Malwarebytes finds both files as malware along with many on Virustotal. So you have tested these files and they are actually safe???
Cheers
Shaun
Edit: I see L2.exe is not trusted anymore which is good.
Hi MetalShaun,
The file was found as not having a malicious behavior. It was removed from our whitelist because it modifies some settings without prompting the user and by removing it from whitelist, CIS will prompt the user for action, to further willingly allows it or not.
Regards,
Ionel
Ok , Thanks for your time.
Cheers
Shaun