Report trusted and whitelisted malware here- 2014 (NO LIVE MALWARE!)

spywar · January 1, 2014, 12:55pm

Comodo is constantly improving its whitelist. This makes CIS more user friendly but does, in some circumstances, have some downsides. Some malware may sometimes be trusted because it is signed by a trusted certificate or perhaps the vendor was trustworthy, but then changed their ways. This is rare, but it does happen.

Regardless of how it happens it’s important to take action against this. If you find malware that is whitelisted, but seems suspicious, please report it here. The name of the trusted vendor, or any other information, is also useful.

Upload these files to one of the following services and post a link to the results:

Comodo Valkyrie
or Comodo Instant Malware Analysis
or VirusTotal

DO NOT attach or link any malware or malicious links to your post.

Loner · January 11, 2014, 9:33am

http://camas.comodo.com/cgi-bin/submit?file=29852e92f5371b08d2dddea9ff308fdc98f06b1b8e290450bec2f3a0084ee860
http://valkyrie.comodo.com/Result.html?sha1=efcb854e71a29d1a74de81f09221d4e1d8c7cacf&&query=0&&filename=Van_morrison_-_someone_like_you_320cbr_(big_papi)_single_mp3.exe

spywar · January 11, 2014, 9:36am

I get an “unknown” rate from FileIntelligence http://file-intelligence.comodo.com/search-sha1.php
Is it trusted on your end ?

Manikandan_A · January 11, 2014, 9:46am

Hi Loner ,

Thank you for reporting, we’ll check it.

Regards,
Manikandan A

pouria · January 12, 2014, 10:09am

Pavit · January 12, 2014, 10:25am

Hi,

Thank you for reporting this. We’ll check it.

Regards,
N.G.Pavithra

pouria · January 25, 2014, 7:42am

Manikandan_A · January 25, 2014, 7:48am

Hi pouria,

Thank you for reporting, we’ll check it.

Regards,
Manikandan A

Loner · January 30, 2014, 12:28am

Priyadharsini · January 30, 2014, 4:46am

Hi Loner,

Thank you for reporting, we’ll check it.

Regards,
Priyadharsini.G

spywar · January 30, 2014, 6:00am

Digital sign not in TVL and found unknown by hash lookup, did you get a safe rating ?

spywar · February 1, 2014, 10:06pm

Publisher : NewNextDotMe did not find in local TVL, but please check it if it’s in cloud.

miloszcz · February 3, 2014, 10:03am

Mostly adware. Trusted.

srinivasang · February 3, 2014, 10:05am

Hi morphiusz ,

Thank you for reporting, we’ll check it.

Regards,
Srinivasan.G

cagatayak · February 3, 2014, 8:13pm

not trusted. these are PUPs

spywar · February 3, 2014, 8:22pm

Their rates in Comodo cloud were safe, we know that these files are PUPs. Purpose of this topic is to report any malware found with a safe verdict for processing.

cagatayak · February 3, 2014, 8:24pm

I understood very thank you.
regards.

spywar · February 3, 2014, 8:29pm

No problem,
thanks.

Loner · February 7, 2014, 5:58am

Priyadharsini · February 7, 2014, 6:01am

Hi Loner,

Thank you for reporting, we’ll check them.

Regards,
Priyadharsini.G