Hi all. Just upgraded from CIS 3.9.95478.509 to 3.10.102194.530, and found what is probably a false positive. Path on my machine:
C:\drv\Modem0\sm56unst.exe
File desc: "Motorola SM56 Uninstall Utility"
File size: 258,048 bytes
File mod date: Monday, June 06, 2005, 10:40:44 PM
Detected by CIS 3.10 AV as: "TrojWare.Win32.Inject.~AA[at]25568513"
Virus Signature Database Version: 1544
CIS 3.9's AV never complained about this file, and it's apparently been there quite awhile. I ran this file through virscan.org, and it came back clean from ALL the scanning engines, including Comodo AV 3.9 (the most recent version virscan.org has, apparently).
Given all this, I'm almost completely sure it's an FP. Can someone at Comodo have a look? I'm going to "quarantine" the file in the meantime, since a modem uninstall program is unlikely to be something I, or Windows, will need in the immediate future.
Thanks guys!
Hi puddingpants,
We are going to have a look at it and will get back to you after investigation.
Regards,
hailong.wang
Author