We received over 2Gig of Malware last 24 hours from our users!!!!

fazio93 · October 10, 2008, 9:31pm

https://forums.comodo.com/empty-t12910.0.html

i think the preferred password is ‘INFECTED’

jeremysbost · October 10, 2008, 9:45pm

Oh now I just remembered the 2nd question:

Melih (or someone from the team), about how many people are on the AV labs Team? I wanted to know to see if you had a lot of people to look at submitted samples, or not. Also, about how many people are in the whole dev team (was wondering how you make all these good programs so fast)?

Melih · October 10, 2008, 9:46pm

Yep thats correct.

for the larger submissions you can always email me directly…

Melih

Melih · October 10, 2008, 9:48pm

we have around 250 programmers. We have just under 60 AV analysts on top of the programmers.

thanks
Melih

triple · October 10, 2008, 10:25pm

God!!! , this has to cost you milions and milions of US dollars every year! :o

jeremysbost · October 10, 2008, 10:47pm

Wow…and thank for replying (I was wondering if this was going to be a company secret). I had been thinking Comodo didn’t make enough money to pay much guys. I was wondering if people the programmers are all in the same building or not (if not, how do you all work together on projects? do you use a special program that I could possibility buy?).

fazio93 · October 10, 2008, 11:13pm

maybe we should start a new topic…

“Comodo: Behind the Scenes”

(:TNG)

Melih · October 11, 2008, 12:45am

we have 7 different locations. We have very good Team leaders which helps a lot. We do use some formal project management methodologies.

Melih

darcjrt · October 11, 2008, 1:07am

I’ve adopted this as my 8 hour a day hobby!! And yes, downloading thousands of malware and you will receive every single byte!!
(V)

Melih · October 11, 2008, 1:08am

You are a star darcjrt!!! (CLY)

Melih

jeremysbost · October 11, 2008, 1:25am

And just where do you get the bad things? I can’t seem to pick them up well…(I guess I’m a bit to careful with where I go, now if is a bad thing ;)).

darcjrt · October 11, 2008, 1:30am

the truth is that I have 4 people doing that research for me. I dedicate myself to get viruses from flash drives from users at work, emails and infected torrents.

BTW right now I am cleaning a flash drive with the following infections:

F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\service.exe Infected: IRC-Worm.Win32.Small.bq 1
F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\iqe32.exe Infected: Trojan.Win32.Inject.fcp 1
F:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe Infected: Trojan.Win32.Agent.zre 1

COMODO did not detect 2. And I am reporting a BUG in CAV about scanning the recycler hidden folder!! It dos not works. Anyway you will see the bug report at CIS bug reports.

V7chy · October 11, 2008, 8:19am

One way is to Install Virtual PC 2007 and infect it with lots of viruses and let it run for a day or two. All viruses who can update itself download new ones and update their old viruses. Then you can install CIS and run full scan and delete all detected viruses then install some other good av like antivir or something like that. Copy all detected viruses somewhere. ;D

Happy Hunting
V7chy

darcjrt · October 12, 2008, 2:02am

Glad I could help. :■■■■
BTW Melih, you can delete my last email. it was not a bug. The guys at the CIS bug report answer my question!!! I’m talking about the recycler folder on a flash drive!! (:NRD)

user4 · October 12, 2008, 9:59am

A few days ago I submitted three samples that were embedded in websites. Two of them were added to the database today. One other (pdf) file was not, although there seems to be something wrong with it:

This pdf file had to be sent by email, because it can’t be submitted otherwise.
Three options:

emailing samples takes a bit longer
emailing samples doesn’t work
there was nothing wrong with the file

Conclusion: it would be nice if there were some kind of reply to samples submitted by email.

Melih · October 12, 2008, 12:00pm

we are working on an infrastructure whereby you can get a reply to a submission. As of today we don’t have that ability unfortunately.
thank you for your patience

Melih

darcjrt · October 12, 2008, 2:53pm

Melih,

How about the file submission embedded in CIS? Do the COMODO staff get those files? Right now is not my intention to get a response from comodo. On the contrary, I’m interested to know if the COMODO staff get those files and more important, if they get the file description on the file. See attach pic for reference.

EDIT; OMG dont take me wrong!!! I would love to see response from COMODO, however I’ve been submitting LOTS of files using COMODO File Submission!!

Thanks!

[attachment deleted by admin]

Kyle142 · October 12, 2008, 2:57pm

I like! I like!

+1111111

EDIT:: Did you make that yourself?? Or did comodo do this? I like the idea very much if you made it.

darcjrt · October 12, 2008, 3:03pm

It is under MISC menu…Submit Susp Files.

The prob is that you can only submit exe, dll, pif, and other files very limited. You cant submit .. So I send a ZIP file with EXE extension and then specify on the description to change the ext back. I would like to know if COMODO see this description.

fazio93 · October 12, 2008, 3:06pm

I always get the 412 timeout error when trying to submit that way.