Submit Applications Here To Be Whitelisted 2024

Comodo Internet Security - CIS AV False Positive/Negative Detection Reporting
81
  1. link[.]mail[.]beehiiv[.]com VirusTotal

Hi Comodo team ,
I represent the Abuse, Compliance, and Deliverability team with beehiiv. beehiiv is a SaaS company that provides tools for our users to create and send email newsletters to their subscriber audience.
It has come to our attention that one of our click tracking domains has been listed with your service. This domain is used by us to provide engagement and performance data for links in our users emails. With this Domain listed with your service it is preventing our users newsletter readers from accessing the links in the emails they receive.
We believe the cause of this listing is due to a recent spike in bad actors who exploited our platform to send malicious emails. Our team has located and removed the accounts associated with this spam and adjusted our security checks to stop malicious mail from being sent moving forward.
I would like to request a mitigation for the domain listed above and any related IP’s which are included here (104.18.69.40 - 104.18.68.40) that may be causing the blocks our users are reporting to us.
We appreciate your time with reviewing this request and look forward to your response. If any additional information is needed please reach out here and include our abuse ticket system address abuse@beehiiv.com.

Regards,
Noah
CTO

82

Nome do aplicativo: MicrosoftEdgeWebView2RuntimeInstallerX64
MD5
4cff2c1530a0514bbb20a6705dfa42c9
SHA-1
4e302fec14b5b1a5ef2cf00842bbb096ba0d9481
SHA-256
17b5c528cfd5b70f9eeff5cd6cd7bc4b8c6d2b836a51f5ccf394a90c4f197c7e

83

The file is not being sent and is probably larger than the limit that is accepted by Valkyrie.
Guys, please let the COMODO team increase the file size to 650 equal to virustotal. to make it easier to send files for analysis, this will improve things for everyone.

image
image718×652 36.7 KB

84

Hi New_Style_xd,

Your request has been processed.

Thanks,
Jothi S

1 Like
85

Thanks to the whole team!

86

Could you check and whitelist winget utility, it is blocked by default by Comodo auto-contaiment?

Winget is official Microsoft Windows Package Manager that comes already installed with Windows, also available at https://github.com/microsoft/winget-cli

87

Hi HaryHr,

We are processing your request.

Thanks,
Jothi S

88

@JothiDeepan @FlorinG

Nome do aplicativo: MicrosoftEdgeWebView2RuntimeInstallerX64
MD5
7ebd6536bfedb24edcc4cceb4942f800
SHA-1
0fe0f8712b9025df0f1c69e48d70b87bcdf7708d
SHA-256
4368fcd587a41d5138025bf3006bf4c09a506bda3e05df9afc50d4e83702650e

89

Hi New_Style_xd,

Your request has been processed.

Thanks,
Jothi S

1 Like
90

Thank you COMODO team

91

Greetings,

Here’s the info regarding the install file of Prezi requested from 0x80072f8f when CIS uploads unrecognized files to COMODO - #23 by C.O.M.O.D.O_RT

  1. Prezi
  2. Log In | Prezi (must have created an account)
  3. VirusTotal - File - 204c6b1881b36bc3db111048ec6a2834505896bebf4ba2b762d4876e2cd248fa

B

92

Greetings,

I have another PC than the one mentioned in 0x80072f8f when CIS uploads unrecognized files to COMODO - Bug Reports - Comodo Forum which too cannot uploads all of the unrecognized files to COMODO for check up.

Here’s a collage of screenshots of 150 files that produces the bug check code 0x80072f8f after a CIS scan lists them and then trying to upload unrecognized files to COMODO:

0x80072f8f
0x80072f8f1920×2596 640 KB

Here is a “File List” logs (trimmed with: New Ratings > Contains > Unrecognized) of 279 unrecognized files detected after a CIS scan including the 150 listed above:
File List logs.pdf (431.4 KB)

Manually checking the hash of 150 files and finding the DL links might not be too much time efficient. Any other way to help with pinpointing the files would be much appreciated.

Nevertheless, here are the name of the softwares. (Softwares: 1, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14 and 15 are downloaded via Steam app; softwares: 2, 3 and 16 are downloaded via Battle .net app; software 4 is downloaded via EA app).

  1. Chivalry 2
    1.1 https://store.steampowered.com/app/1824220/Chivalry_2/

  2. Diablo Immortal
    2.1 https://diabloimmortal.blizzard.com/en-us/

  3. Hearthstone
    3.1 https://hearthstone.blizzard.com/en-us

  4. CNC the Covert Operation
    4.1 https://www.ea.com/games/command-and-conquer/command-and-conquer-the-ultimate-collection/buy/pc (broken link, but the files comes from the ultimate collection sold by EA)

  5. Cell to Singularity
    5.1 https://store.steampowered.com/app/977400/Cell_to_Singularity__Evolution_Never_Ends/

  6. Chivalry Medieval Warfare
    6.1 https://store.steampowered.com/app/219640/Chivalry_Medieval_Warfare/

  7. Grim Dawn
    7.1 https://store.steampowered.com/app/219990/Grim_Dawn/

  8. Path of Exile
    8.1 https://store.steampowered.com/app/238960/Path_of_Exile/

  9. Rawbots
    9.1 https://store.steampowered.com/app/2080950/Rawbots/

  10. Risen
    10.1 https://store.steampowered.com/app/40300/Risen/

  11. TIS-100
    11.1 https://store.steampowered.com/app/370360/TIS100/

  12. DOOM
    12.1 https://store.steampowered.com/app/379720/DOOM/

  13. Space Engine
    13.1 https://store.steampowered.com/app/314650/SpaceEngine/

  14. Halo Infinite
    14.1 https://store.steampowered.com/app/1240440/Halo_Infinite/

  15. RISK Global Domination
    15.1 https://store.steampowered.com/app/1128810/RISK_Global_Domination/

  16. World of Warcraft
    16.1 https://worldofwarcraft.blizzard.com/en-us/

  17. C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_31dab972145ae5a9\nvldumdx.dll
    17.1 Most likely downloaded via NVIDIA GeForce Experience Hub itself downloaded from: https://www.nvidia.com/Download/driverResults.aspx/230093/en-us/
    17.2 SHA256: 71053A7D173B028A31C23D916CCA642764D362EF3DDA12075FD2D08E41F5EA85

Thanks in advance,

B

93

@JothiDeepan @FlorinG

Nome do aplicativo: MicrosoftEdgeWebView2RuntimeInstallerX64
MD5
9d7c124d93b06c00628e24cf4702c687
SHA-1
bd708c64a0df4d33135f34aceb322f63854eed11
SHA-256
f19920dd77421e4fb218dac6253653fe7570c8a885154fe821662e7959404d2b

94

Hi burialfaith,

We are processing your request.

Regards,
Jothi S

95

Hi burialfaith,

We are processing your request.

Regards,
Jothi S

96

Hi New_Style_xd,

Your request has been processed.

Thanks,
Jothi S

1 Like
97

Thank you to the COMODO team

98

@JothiDeepan @FlorinG

Nome do aplicativo: Dism++x64.exe
MD5
a1a058ff98dc1f9320195b398aa06167
SHA-1
d974136e6dc4b1726b50a770ec8d6f0f4fc859a7
SHA-256
16bbdb339173d25b4332b377da96e80809aabfe6739cf35d5e70484f08cfdc42

image
image1317×499 91.3 KB

I am requesting it because it was already sent to Valkyrie on 08/30/2021 and the last analysis was on 04/19/2024.

How come this program is running in self containment since it was told it is a clean file by Valkyrie?

99

@JothiDeepan @FlorinG

Nome do aplicativo: MicrosoftEdgeUpdateSetup.exe
MD5
756c42e069525233984489e441c993f9
SHA-1
85fe16822ac48fd6a94dd6e54567a03fa883fbaa
SHA-256
832a88c93edb2352e361cb36437483af0dbfec3e1e7782e13f120e1a0d14e17a

100

Hi New_Style_xd,

Hi,

We have tested the file. The same is not being contained from our side. If possible, could you please share us the containment log or screenshot of the file being contained.

Regards,
Jothi S

1 Like