Caveman Posted October 11, 2008 Share Posted October 11, 2008 OK, I checked out one of our Visitors requests at our for an an evaluation of his product. Said he had a new security software company in RU. Flags went off right away, but I checked out the site and downloaded OSAM Auto Manager. Interesting product, upon Installing it things were going well, then Comodo firewall flagged a request for direct access to my Keyboard, ohhh, I din't like that and said " deny access" this is a great example of why Comodo Firewall Pro is an excellent product. the product Install continued , no bad effect from saying "NO access" , then it asked for Direct access to the hard-drive, well many programs need that like disk management and defraggers, but again being cautious I said " Deny Access always in Comodo. it continued on and seemed to install fine. I opened the product up. Normal popups from Comodo 3 more time based on my actions, I expected those to pop up and I said " allow access to the internet to check its database for questionable files it found on my Hard drive. OK then it allowed me to view items in fairly unique way, I have not seen this combination of associating the registry entries to the program in such an easy to read format before. The scans themselves were very fast. I saw some entries which i thought were gone, the crap by Paretologic that I tested previously. So my question is to others, could this Keyboard access thing denied by Comodo be a keylogger? Well my first step was to submit the installer 8.7 mb to Virus Total online scanners. I wouldn't go to all this trouble but this app has very good possibilities and I don't want to dismiss it out of hand. The results are posted here, it back all clean. if anyone wishes to test and provide feedback i would appreciate the assistance. I will scan my entire system now looking for infections of any type, my previous full scans came up 0 before so any change should be related to the app. Wish me luck. I'll let you know how it went. Virus Total: Results: File osam_autorun_manager.msi received on 10.11.2008 21:52:38 (CET) Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED Result: 0/35 (0%) Loading server information... Your file is queued in position: 1. Estimated start time is between 37 and 53 seconds. Do not close the window until scan is complete. The scanner that was processing your file is stopped at this moment, we are going to wait a few seconds to try to recover your result. If you are waiting for more than five minutes you have to resend your file. Your file is being scanned by VirusTotal in this moment, results will be shown as they're generated. Compact Print results Your file has expired or does not exists. Service is stopped in this moments, your file is waiting to be scanned (position: ) for an undefined time. You can wait for web response (automatic reload) or type your email in the form below and click "request" so the system sends you a notification when the scan is finished. Email: Antivirus Version Last Update Result AhnLab-V3 2008.10.10.1 2008.10.10 - AntiVir 18.104.22.168 2008.10.11 - Authentium 22.214.171.124 2008.10.11 - Avast 4.8.1248.0 2008.10.11 - AVG 126.96.36.199 2008.10.11 - BitDefender 7.2 2008.10.11 - CAT-QuickHeal 9.50 2008.10.11 - ClamAV 0.93.1 2008.10.11 - DrWeb 4.44.0.09170 2008.10.11 - eSafe 188.8.131.52 2008.10.08 - eTrust-Vet 31.6.6141 2008.10.10 - Ewido 4.0 2008.10.11 - F-Prot 184.108.40.206 2008.10.11 - Fortinet 220.127.116.11 2008.10.11 - GData 19 2008.10.11 - Ikarus T18.104.22.168.0 2008.10.11 - K7AntiVirus 7.10.491 2008.10.11 - Kaspersky 22.214.171.124 2008.10.11 - McAfee 5403 2008.10.11 - Microsoft 1.4005 2008.10.11 - NOD32 3515 2008.10.11 - Norman 5.80.02 2008.10.10 - Panda 126.96.36.199 2008.10.11 - PCTools 188.8.131.52 2008.10.11 - Prevx1 V2 2008.10.11 - Rising 20.65.42.00 2008.10.10 - SecureWeb-Gateway 6.7.6 2008.10.11 - Sophos 4.34.0 2008.10.11 - Sunbelt 3.1.1715.1 2008.10.11 - Symantec 10 2008.10.11 - TheHacker 184.108.40.206.108 2008.10.11 - TrendMicro 8.700.0.1004 2008.10.10 - VBA32 220.127.116.11 2008.10.10 - ViRobot 2008.10.10.1416 2008.10.10 - VirusBuster 18.104.22.168 2008.10.11 - Additional information File size: 9299968 bytes MD5...: f3d6426eaa31be98618c21210bbc1054 SHA1..: c246aea1f15bbe65061709c053a31c9db4cb5e9c SHA256: e67ead2b31bbda8153c9765e60d26d9d9e4e7513f97d1279c4e084c7afebad05 SHA512: 9da42d7aa1e4b8e1e77eec32de7b491a1eb06e926390f1d56083204b276ec270 e8d4538251a4695f2fc34bb8827e905fb2eb3ff388a4fc30cf13a102a0c1f95d PEiD..: - TrID..: File type identification Microsoft Windows Installer (92.7%) Windows SDK Setup Transform Script (6.3%) Generic OLE2 / Multistream Compound File (0.8%) Quote Link to comment Share on other sites More sharing options...
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.