Scanning for Superfish and other Komodia-powered malware

flatfly · Feb 23, 2015

Thought this would be the right place to share this:

A colleague of mine has made a small scanner to identify ANY apps that feature the infamous Komodia DLLs, regardless of their filenames (hash-based scan). There's a small post about it here:

http://hexatomium.github.io/2015/02/23/komodia-sha1-fast-finder/

Background info: http://arstechnica.com/security/201...tened-lenovo-users-found-in-a-dozen-more-apps

Tarnak · Feb 23, 2015

That link to the tester...hxxp://trax.x10.mx/files/komodia_sha1finder.exe ... "404 not found".

flatfly · Feb 23, 2015

Tarnak said: ↑

That link to the tester...hxxp://trax.x10.mx/files/komodia_sha1finder.exe ... "404 not found".
Click to expand...

The link was wrong apparently. Works for me now - try to refresh the blog page.

Tarnak · Feb 23, 2015

Thanks...got it...Only 27 KB....Just have to see if it needs to run as Admin....

flatfly · Feb 23, 2015

It works both as admin and non-admin, though it will (obviously) be able to scan more files as admin.

Tarnak · Feb 23, 2015

It is running now as non-admin.... Slowly...DefenseWall keeps warning...and I allow each time ...LOL

Tarnak · Feb 23, 2015

I am clear! ...it seems.

Log in or Sign up

Scanning for Superfish and other Komodia-powered malware

flatfly Registered Member

Tarnak Registered Member

flatfly Registered Member

Tarnak Registered Member

flatfly Registered Member

Tarnak Registered Member

Tarnak Registered Member

Log in or Sign up

Scanning for Superfish and other Komodia-powered malware

flatfly Registered Member

Tarnak Registered Member

flatfly Registered Member

Tarnak Registered Member

flatfly Registered Member

Tarnak Registered Member

Tarnak Registered Member

Useful Searches