Post here your unfixed FP's (only after 2 days)

[Guest]

[Vaishnavi]

Hi superbabouche,

Hi,
There is again a problem about the Google Toolbar. Google Toolbar creates a temporary file but there is a possible malware inside.

My original FP: Google Toolbar - False positive detection at https://forums.comodo.com/false_positivenegative_reporting_is_this_a_malware_that_cis_hasnot_detected/google_toolbar_false_positive_detection-t46949.0.html
Last test with CIS: 03:51 am on october 30th, 2009
Virus database: 2777
--------

For now, the actual problem is like this:

False positive filename: gt30CF.tmp
Name of the FP: Heur.Suspicious[at]70862321
Website of the program: http://www.google.com/intl/fr/toolbar/ie/index.html
CIS database: 2777


10-4.

Reported FP has been fixed in DB 2782 of CIS 3.12.111745.560.

Regards,
Vaishnavi.V.K

[shaogang.he]

I have a problem with Spotify, it has always worked but yesterday my antivirus showed a warning of C:\Users\****\Program\Spotify.exe. 

It requested me to delete or put it in quarantine, I deleted it and reinstalled Spotify but I still have the same problem. Here's what the warning sign says : Heur.Suspicious[at]95263058.

Please help, I won't survive without my beloved spotify! 

Hi,Naveus
We are going to check it out and will get back to you shortly.
Thanks   
Shaogang

[Ionel]

Hi Naveus,

I have a problem with Spotify, it has always worked but yesterday my antivirus showed a warning of C:\Users\****\Program\Spotify.exe. 

It requested me to delete or put it in quarantine, I deleted it and reinstalled Spotify but I still have the same problem. Here's what the warning sign says : Heur.Suspicious[at]95263058.

Please help, I won't survive without my beloved spotify! 

This false-positive is already fixed with DB 3783. You can check and confirm.

Regards,
Ionel

[dizzib321]

Can someone please help?  I got a 2 warnings from comodo saying it had detected 2 viruses called Heur.Dual.Extensions. I clicked to remove but in the antivirus events it doesn't say it has removed ithem. They are stored in a temp folder.  I submitted them both and one came back as a FP but the other could not be processed, saying this file cannot be detected.  I have tried again but am worried as I reported them on Sunday and it still isn't sorted.  It has the file name gtbFECA.tmp.exe.  I update every day and scan about once a month.  Any advice???

[Ionel]

Hi dizzib321,

Can someone please help?  I got a 2 warnings from comodo saying it had detected 2 viruses called Heur.Dual.Extensions. I clicked to remove but in the antivirus events it doesn't say it has removed ithem. They are stored in a temp folder.  I submitted them both and one came back as a FP but the other could not be processed, saying this file cannot be detected.  I have tried again but am worried as I reported them on Sunday and it still isn't sorted.  It has the file name gtbFECA.tmp.exe.  I update every day and scan about once a month.  Any advice???

We received the file from you and at the time you reported, it was not detected anymore as it was fixed with a previous Antivirus DB version. Previously was detected by heuristics as "Heur.Dual.Extension". The file was confirmed that it's not malware and you can further use it without any concerns. If it's still detected on your system, please try to update CIS and it's Antivirus DB and if it's still not fixed, please let us know.

A response was sent back to you via email as well.

Thanks and regards,
Ionel

[dizzib321]

Thank you so much, that was quick....

[Chiron]

Hello, I recently reported a false positive through the web interface and I received an email telling me that it is not detected.

I checked again and the file is still being detected. I am running:
CIS V4.0.133118.719
Database 4031

I have the heuristics set to high. I have attached the file below.

I'm now at DB 4097 and the file is still detected. It is still being detected as Heur.Dual.Extensions as it is a .tmp.bat. I have attached it to this post.

[Ionel]

Hi Chiron,

I'm now at DB 4097 and the file is still detected. It is still being detected as Heur.Dual.Extensions as it is a .tmp.bat. I have attached it to this post.

This was indeed confirmed as false-positive, but there is a known issue fixing this with CIS v4, therefore we recommend to add the file to exclusion list until final adjustments are made in order to solve this.  

Thanks and regards,
Ionel

[Ionel]

Hi Chiron494,

I'm now at DB 4097 and the file is still detected. It is still being detected as Heur.Dual.Extensions as it is a .tmp.bat. I have attached it to this post.

The false-positive is now fixed with DB 4199. You can update and verify.

Thank you for reporting it!

Regards,
Ionel

[Terepin]

After 8(!) days AnVir Task manager Free FP still isn't fixed!

[Ionel]

Hi Mr.Henky,

After 8(!) days AnVir Task manager Free FP still isn't fixed!

Sorry for the inconvenience, we will fix this false-positive as soon as possible.

Regards,
Ionel

[Ionel]

Hi Mr.Henky,

After 8(!) days AnVir Task manager Free FP still isn't fixed!

The false-positive was fixed with DB 4296. You can verify and confirm.

Thanks and regards,
Ionel

[Terepin]

Yeah, that FP is fixed.
But now there is a new one.

[haja]

Hi Mr.Henky,

Yeah, that FP is fixed.
But now there is a new one.

Thanks for reporting again.Detection will be removed in next few updates.

Thanks,
Haja

[Ionel]

Hi Mr.Henky,

Yeah, that FP is fixed.
But now there is a new one.

The false-positive was fixed with DB 4306.

Regards,
Ionel

[Tags:]