Over 1.1 Million Signatures and Comodo's Database continues to grow rapidly!

[Guest]

[eXPerience]

a lot of FP's have been corrected in the last beta and I'm sure they will even work further to make sure these come as close to 0 as possible...

Xan

[Yaraslau]

Hm... Every crack-patcher is defined as malware-patcher. Is it really malware? Of cause, no! FP? Probably, so.

From the previous post: as close to 0 as possible...  DREAM!!!!!!!!!!!!!!!!!!!

P.S. please, don't say crack is malware...

[RejZoR]

Even though cracks are illegal, they aren't malware and every antivirus thats detecting it and not willing to fix the false positive is bad in my eyes. If their excuse is the fact that they are cracks, well thats a bad one. Anyone could just add it to exclusions. What's worse is that some are indeed infected or just a replica of real malware and so users can't know for sure. And we all know we'll never prevent users from downloading cracks, keygens and patches...

[darcjrt]

Hm... Every crack-patcher is defined as malware-patcher. Is it really malware? Of cause, no! FP? Probably, so.

From the previous post: as close to 0 as possible...  DREAM!!!!!!!!!!!!!!!!!!!

P.S. please, don't say crack is malware...

A generic signature based AV will rate most patches as susp or flag it as malware because they have a line or multiple lines of code similar as a malware family. that is way most AVs rate patches as Trojan.Generic or something like that. For the AV they are malware as they open and inject code to another file.

[icecube1010]

Even though cracks are illegal, they aren't malware and every antivirus thats detecting it and not willing to fix the false positive is bad in my eyes. If their excuse is the fact that they are cracks, well thats a bad one. Anyone could just add it to exclusions. What's worse is that some are indeed infected or just a replica of real malware and so users can't know for sure. And we all know we'll never prevent users from downloading cracks, keygens and patches...

This is very true.  Especially when you just bought a game and want to get a nocd or nodvd patch for it.  This is very common.  I remember using Avira a while back and it detected about 5 games I had with this nocd crack or patch.  I had to check these executables to virustotal to feel safe that they were FP.  When I used Avast, I never had these types of FP's.

Ice

[eXPerience]

Please do not forget that some keygens are created by anticrackers and they are malicious...

Xan

[commanding the celsius]

I doubt comodo has any interest to label any cracked software as a malware, we will probably get less and less FP with time, Right now I think the focus will be detection mostly, but the latest beta showed some major progress in the False Positive field, Lets see how the RC does later on..
 

[Yaraslau]

I doubt comodo has any interest to label any cracked software as a malware

Malwarebytes Anti-Malware identifies MBAM cracks as trojans. Sure, team CRUDE only cracks, but not infects their own cracks.

[eXPerience]

Guys, this is the last post about it please do not talk anymore about cracks as it is illegal and so against the forum policy 

Illegal or inappropriate content. Comodo is focused on building trust on the internet. Members discussing or inciting illegal activity, posting or requesting anything illegal or inappropriate will be warned or banned as appropriate.

Thanks,

Xan

[3xist]

Guys, this is the last post about it please do not talk anymore about cracks as it is illegal and so against the forum policy 
 

Thanks,

Xan

And if so, Melih and myself won't be creating new threads and Melih will stop updating sigs number on these threads.

Cheers,
Josh

[RejZoR]

eXPerience, we are not talking about anything specific and we aren't posting any links or actual cracks so i see no reason to censor it. I'm just pointing iout the most common problem. For example ALWIL guys fix no-cd patches, however AVIRA refuses no matter even if detection is completelly off. No-cd patches are in grey area anyway, however i don't support cracks either but false detections are false and not fixing them will just make to generate more false positives on other files.

[commanding the celsius]

Iam with RejZoR on this one, many sites tests the amount of FP these days, not just detection so I hope it will kick some ass in this field as well! Submit all FP and help make comodo kick ass! =)

http://forums.comodo.com/beta_corner_cis/comodo_internet_security_beta_3861948459_av_false_positives_reports-t33536.0.html

[icecube1010]

eXPerience, we are not talking about anything specific and we aren't posting any links or actual cracks so i see no reason to censor it. I'm just pointing iout the most common problem. For example ALWIL guys fix no-cd patches, however AVIRA refuses no matter even if detection is completelly off. No-cd patches are in grey area anyway, however i don't support cracks either but false detections are false and not fixing them will just make to generate more false positives on other files.

Not to get off topic here, but if gaming companies made their games to not use the cd or dvd in the drive, there would be less people looking for nocd or nodvd patches.  Hopefully, Comodo will not flag these .exe's as such.

Ice

[Breen]

I've got quite big package of new (2008/2009) malware. I've tested it with CAVS and it couldn't detect lots of it, every undetected file I'm uploading to Comodo reaserch. How long it takes to analize and add these samples to database? I hope not too long, because these files are nasty  .

[.FaZio93.]

I've got quite big package of new (2008/2009) malware. I've tested it with CAVS and it couldn't detect lots of it, every undetected file I'm uploading to Comodo reaserch. How long it takes to analize and add these samples to database? I hope not too long, because these files are nasty  .

It depends on how much malware the analyzers are currently receiving. As you can see from this thread, they are working as fast as they can.   

[Tags:]