Author Topic: Post here your unfixed FP's (only after 2 days)  (Read 119975 times)

Offline gmohan

  • Comodo's Hero
  • *****
  • Posts: 368
Re: Post here your unfixed FP's (only after 2 days)
« Reply #30 on: May 31, 2009, 08:42:49 AM »
Hi Camille Case,

Hello,

FP's reported over e-mail on may 25 (DB 1198) are still not fixed with DB 1215 1219.
See also this topic : https://forums.comodo.com/false_positivenegative_reporting_is_this_a_malware_that_cis_hasnot_detected/fp_in_windows_xp_system_files-t40127.0.html;msg291230#msg291230

Thanks
Hi,

2 of 3 FP's (netsetup.exe and msnsusii.exe) fixed with DB 1220.   :)

Reported FPs have been fixed in DB 1224.

Regards,
-Chandra Mohan

Offline ComoJust

  • Comodo's Hero
  • *****
  • Posts: 274
Re: Post here your unfixed FP's (only after 2 days)
« Reply #31 on: June 03, 2009, 12:40:25 PM »
Hi,

Please correct this false positive.

ThunderWatcher.exe still detected in DB 1248

Thanks

http://forums.comodo.com/false_positivenegative_reporting_is_this_a_malware_that_cis_hasnot_detected/false_positive-t39944.0.html

Offline Saxuality

  • Comodo's Hero
  • *****
  • Posts: 485
  • Saxy Mood ^_^
Re: Post here your unfixed FP's (only after 2 days)
« Reply #32 on: June 04, 2009, 06:10:00 PM »
Please check a file named bass_alac.dll in AIMP 2 music player.

CIS detects it as Heur.Packed. The FP has not been fixed for more than 2 weeks.
Mac OS X Lion 10.7.3 - For Work
Windows 7 Ultimate SP1 64 bit/No Security Software - Only For Games

"Sax-a-Go-Go"

Security software makers should be thankful for malware writers and hackers for their multi billion dollar businesses. Ironic isn't it?

Offline Saxuality

  • Comodo's Hero
  • *****
  • Posts: 485
  • Saxy Mood ^_^
Re: Post here your unfixed FP's (only after 2 days)
« Reply #33 on: June 05, 2009, 09:28:35 AM »
Please check a file named bass_alac.dll in AIMP 2 music player.

CIS detects it as Heur.Packed. The FP has not been fixed for more than 2 weeks.

Thank you for quick reaction, the FP has been fixed in the latest database  :-TU
Mac OS X Lion 10.7.3 - For Work
Windows 7 Ultimate SP1 64 bit/No Security Software - Only For Games

"Sax-a-Go-Go"

Security software makers should be thankful for malware writers and hackers for their multi billion dollar businesses. Ironic isn't it?

Offline patrice58

  • Computer Security Testing Group
  • Comodo's Hero
  • *****
  • Posts: 780
Re: Post here your unfixed FP's (only after 2 days)
« Reply #34 on: June 06, 2009, 01:28:20 PM »
Heur.Suspicious[at]19750095 location X:\Downloads\H\WD_Windows_Tools\Google\Desktop\ESN\setup.exe.downloading

Tested with database 1203

Original forum post https://forums.comodo.com/false_positivenegative_reporting_is_this_a_malware_that_cis_hasnot_detected/maybe_a_fp-t40073.0.html

Remember this one? Chandra Mohan, yep it's the one you skipped it and moved on to another post that was posted later now I think that's rude even tho it has now been dealt with it was not at the time of posting.
« Last Edit: June 06, 2009, 01:31:36 PM by patrice58 »
Vista Home Premium 32 bit (user account) CISC 4.1.150349.920 + CAV (On Access) + Sandbox,V-Engine 2.7.0.37, SpywareBlaster 4.3, SAS (free), a-squared (free) MBAM (free) Finjan Secure Browsing, Windows Defender (scanner only), Zemana AntiLogger 1.9.2.206,

hailong.wang

  • Guest
Re: Post here your unfixed FP's (only after 2 days)
« Reply #35 on: June 06, 2009, 08:58:59 PM »
Heur.Suspicious[at]19750095 location X:\Downloads\H\WD_Windows_Tools\Google\Desktop\ESN\setup.exe.downloading

Tested with database 1203

Original forum post https://forums.comodo.com/false_positivenegative_reporting_is_this_a_malware_that_cis_hasnot_detected/maybe_a_fp-t40073.0.html

Remember this one? Chandra Mohan, yep it's the one you skipped it and moved on to another post that was posted later now I think that's rude even tho it has now been dealt with it was not at the time of posting.


Hi patrice58,
Mentioned FP has been fixed.
Please update your DB to 1232.

Regards,
-Chandra Mohan

Offline disPPlay

  • Malware Research Group
  • Comodo's Hero
  • *****
  • Posts: 843
  • WE <3 COMODO
« Last Edit: June 08, 2009, 12:47:24 PM by DiSP »

Offline Vaishnavi

  • Comodo's Hero
  • *****
  • Posts: 376
Re: Post here your unfixed FP's (only after 2 days)
« Reply #37 on: June 09, 2009, 12:37:57 AM »
Hi DiSP,

http://forums.comodo.com/false_positivenegative_reporting_is_this_a_malware_that_cis_hasnot_detected/fp_btnext_btnext118_cyberscript32_npgp_npcipher_nppsk_npupdate0-t40784.0.html



btnext, and btnext_1.1.8 are not yet fixed.

edit: it's still getting detected




Thanks,
disPlay

Reported FPs are fixed in DB 1290.
Kindly update and verify.

Regards,
Vaishnavi.V.K

Offline disPPlay

  • Malware Research Group
  • Comodo's Hero
  • *****
  • Posts: 843
  • WE <3 COMODO
Re: Post here your unfixed FP's (only after 2 days)
« Reply #38 on: June 10, 2009, 06:14:44 AM »
Hi DiSP,

Reported FPs are fixed in DB 1290.
Kindly update and verify.

Regards,
Vaishnavi.V.K


Verified FPs fixed

Thanks,
disPlay

Offline eXPerience

  • Left the Forums
  • Comodo's Hero
  • *****
  • Posts: 6958
  • Free Forever !
Re: Post here your unfixed FP's (only after 2 days)
« Reply #39 on: June 20, 2009, 07:55:44 AM »
Got this over pm

Quote
Hi,

I have reported a false positive for quite some time now but it has not been corrected.
http://forums.comodo.com/false_positivenegative_reporting_is_this_a_malware_that_cis_hasnot_detected/false_positive-t39944.0.html

This comes from a free screen reader designed to support blind and visually impaired users, so it would be nice if Comodo could correct this mistake.
http://www.screenreader.net/index.php?pageid=2

There are thousands of people who are using this software without any problem, so this cannot be a trojan.  Mcafee has already corrected this false positive(Artemis) when I have reported it.

Before I reported it:
http://www.virustotal.com/analisis/a4eebaa56077fd6fba07e755815930e396ef53d67ee76cd79cba53e99693b6c3-1243856315

After I reported it:
http://www.virustotal.com/analisis/a4eebaa56077fd6fba07e755815930e396ef53d67ee76cd79cba53e99693b6c3-1245491201

Here is WOT an Mcafee site advisor ratings:
http://www.mywot.com/en/scorecard/screenreader.net
http://www.siteadvisor.com/sites/screenreader.net

Thanks for doing the needful.

Xan

Offline eXPerience

  • Left the Forums
  • Comodo's Hero
  • *****
  • Posts: 6958
  • Free Forever !
Re: Post here your unfixed FP's (only after 2 days)
« Reply #40 on: June 21, 2009, 06:56:32 AM »
Camille, please send it also here

http://internetsecurity.comodo.com/submit.php

Xan

Offline kingsdave

  • Comodo Loves me
  • ****
  • Posts: 122
Re: Post here your unfixed FP's (only after 2 days)
« Reply #41 on: July 20, 2009, 08:50:11 PM »
These two have been around for a long long time. I posted in the FP thread 3 or 4 versions back, They've been submitted through the program and 3 times now on the web submission page, most recently on the th and 19th of this month.

Heur.Packed.Unknown C:\hp\bin\USBPwrMGMT.exe
Heur.Packed.Unknown C:\Program Files\Lavalys\EVEREST Home Edition\everest_icons.dll

Offline kingsdave

  • Comodo Loves me
  • ****
  • Posts: 122
Re: Post here your unfixed FP's (only after 2 days)
« Reply #42 on: July 30, 2009, 06:32:58 AM »
Still there with DB 1812.

Heur.Packed.Unknown C:\Program Files\Lavalys\EVEREST Home Edition\everest_icons.dll

Offline Ionel

  • Comodo Staff
  • Comodo's Hero
  • *****
  • Posts: 846
Re: Post here your unfixed FP's (only after 2 days)
« Reply #43 on: July 30, 2009, 07:52:56 AM »
Still there with DB 1812.

Heur.Packed.Unknown C:\Program Files\Lavalys\EVEREST Home Edition\everest_icons.dll

Hi kingsdave,

Can you please point the post where this file was not fixed?

We might detect another version of this file, in this case please submit the sample at:

http://internetsecurity.comodo.com/submit.php

Thanks and regards,
Ionel

Offline kingsdave

  • Comodo Loves me
  • ****
  • Posts: 122
Re: Post here your unfixed FP's (only after 2 days)
« Reply #44 on: July 30, 2009, 08:10:30 AM »
Hi kingsdave,

Can you please point the post where this file was not fixed?

We might detect another version of this file, in this case please submit the sample at:

http://internetsecurity.comodo.com/submit.php

Thanks and regards,
Ionel

I'm not sure what you're asking in the first sentence, but the file has been submitted at that link several times.  Since I started tracking the date I sent it on July 4th, the 19th, the 25th, and again prior to my post today.
« Last Edit: July 31, 2009, 05:53:37 AM by kingsdave »

 

Seo4Smf 2.0 © SmfMod.Com | Smf Destek