Author Topic: False positive detection  (Read 4095 times)

Offline smax

  • Newbie
  • *
  • Posts: 17
Re: False positive detection
« Reply #15 on: March 20, 2018, 02:50:56 AM »
Hi Comodo team.
I submitted company Exent Technologies LTD to trusted vendors list using this form https://internetsecurity.comodo.com/trustedvendor/signup.php.
When can I get your answer?
Thanks

Offline bogdanr

  • First Response Group
  • Comodo's Hero
  • *****
  • Posts: 724
Re: False positive detection
« Reply #16 on: March 20, 2018, 06:11:25 AM »
Hi Comodo team.
I submitted company Exent Technologies LTD to trusted vendors list using this form https://internetsecurity.comodo.com/trustedvendor/signup.php.
When can I get your answer?
Thanks

Hi smax,

The submitted vendor is already present in our cloud based whitelisting database (we found only "Exent Technologies Ltd." as a valid signer, can you please provide download links for files signed by "Exent Technologies LTD" ?)

Thanks,
Bogdan
« Last Edit: March 20, 2018, 06:59:45 AM by bogdanr »

Offline smax

  • Newbie
  • *
  • Posts: 17
Re: False positive detection
« Reply #17 on: April 01, 2018, 04:09:14 AM »
Hi Comodo team.
Antivirus is still blocking our games. I've submitted download links for file signed by "Exent Technologies LTD"
http://www.freeridegames.com/games/695150/luxor?source=searchCatalog&actid=searchCatalog
« Last Edit: April 01, 2018, 04:19:42 AM by smax »

Offline Aravindhraj J

  • Comodo Staff
  • Comodo Family Member
  • *****
  • Posts: 77
Re: False positive detection
« Reply #18 on: April 01, 2018, 05:21:28 AM »
Hi smax,

Thank you for reporting this.
We'll check them and get back to you soon.

Regards,
Aravindhraj J

Offline bogdanr

  • First Response Group
  • Comodo's Hero
  • *****
  • Posts: 724
Re: False positive detection
« Reply #19 on: April 02, 2018, 02:45:05 AM »
Hi Comodo team.
Antivirus is still blocking our games. I've submitted download links for file signed by "Exent Technologies LTD"
http://www.freeridegames.com/games/695150/luxor?source=searchCatalog&actid=searchCatalog

This is what we see for provided download (we saw no files signed by "Exent Technologies LTD" ) :

Path   Verified   Publisher
temp folder       
c:\users\user\appdata\local\temp\nswF9ED.tmp - Copy\System.dll   Unsigned   n/a
c:\users\user\appdata\local\temp\pft47FF.tmp - Copy\ExentCtl.ocx   Signed   Exent Technologies Ltd.
c:\users\user\appdata\local\temp\pft47FF.tmp - Copy\exs.dll   Signed   Exent Technologies Ltd.
c:\users\user\appdata\local\temp\pft47FF.tmp - Copy\Setup.exe   Signed   Exent Technologies Ltd.
c:\users\user\appdata\local\temp\SDM143 - Copy\cmhelper.exe   Signed   Exent Technologies Ltd.
c:\users\user\appdata\local\temp\SDM143 - Copy\ExentCtlInstaller.dll   Unsigned   n/a
c:\users\user\appdata\local\temp\SDM143 - Copy\Free Ride Games.exe   Signed   Exent Technologies Ltd.
c:\users\user\appdata\local\temp\SDM143 - Copy\resourceDll.dll   Signed   Exent Technologies Ltd.
c:\users\user\appdata\local\temp\SDM143 - Copy\Splasher.dll   Unsigned   n/a
      
download folder      
c:\users\user\downloads\Luxor.exe   Signed   Exent Technologies Ltd.
      
installation folder      
c:\program files (x86)\free ride games\AppLoader2KEx.dll   Signed   Exent Technologies Ltd.
c:\program files (x86)\free ride games\AX32.dll   Signed   Exent Technologies Ltd.
c:\program files (x86)\free ride games\cmhelper.exe   Signed   Exent Technologies Ltd.
c:\program files (x86)\free ride games\CrashDump.dll   Signed   Exent Technologies Ltd.
c:\program files (x86)\free ride games\d3dx9_32.dll   Unsigned   n/a
c:\program files (x86)\free ride games\DoDlg.exe   Signed   Exent Technologies Ltd.
c:\program files (x86)\free ride games\exs.dll   Signed   Exent Technologies Ltd.
c:\program files (x86)\free ride games\GameInst.dll   Signed   Exent Technologies Ltd.
c:\program files (x86)\free ride games\GameLauncher.exe   Signed   Exent Technologies Ltd.
c:\program files (x86)\free ride games\glutil.dll   Signed   Exent Technologies Ltd.
c:\program files (x86)\free ride games\GPlayer.exe   Signed   Exent Technologies Ltd.
c:\program files (x86)\free ride games\GPlrLanc.exe   Signed   Exent Technologies Ltd.
c:\program files (x86)\free ride games\GUpdater.dll   Signed   Exent Technologies Ltd.
c:\program files (x86)\free ride games\GUpdater.exe   Signed   Exent Technologies Ltd.
c:\program files (x86)\free ride games\npExentCtl.dll   Signed   Exent Technologies Ltd.
c:\program files (x86)\free ride games\npGameTreatWidget.dll   Signed   Exent Technologies Ltd.
c:\program files (x86)\free ride games\Report.exe   Signed   Exent Technologies Ltd.
c:\program files (x86)\free ride games\Uninstall.exe   Signed   Exent Technologies Ltd.
c:\program files (x86)\free ride games\wh_Pr143.dll   Signed   Exent Technologies Ltd.
c:\program files (x86)\free ride games\X4Ex_Pr143.sys   Signed   Exent Technologies Ltd.
c:\program files (x86)\free ride games\X4HSEx_Pr143.sys   Signed   Exent Technologies Ltd.
c:\program files (x86)\free ride games\X5Ex_Pr143.sys   Signed   Exent Technologies Ltd.
c:\program files (x86)\free ride games\X5XSEx_Pr143.sys   Signed   Exent Technologies Ltd.
c:\program files (x86)\free ride games\X6Ex_Pr143.sys   Signed   Exent Technologies Ltd.
c:\program files (x86)\free ride games\X6XSEx_Pr143.sys   Signed   Exent Technologies Ltd.
c:\program files (x86)\free ride games\X7Ex_Pr143.sys   Signed   Exent Technologies Ltd.
c:\program files (x86)\free ride games\X7XSEx_Pr143.sys   Signed   Exent Technologies Ltd.
c:\program files (x86)\free ride games\X8Ex_Pr143.sys   Signed   Exent Technologies Ltd.
c:\program files (x86)\free ride games\X8XSEx_Pr143.sys   Signed   Exent Technologies Ltd.
c:\program files (x86)\free ride games\IGL\13000049\Angie15.dll   Signed   Exent Technologies Ltd.
c:\program files (x86)\free ride games\IGL\13000049\Broad.dll   Signed   Exent Technologies Ltd.
c:\program files (x86)\free ride games\IGL\13000049\cm.exe   Signed   Exent Technologies Ltd.
c:\program files (x86)\free ride games\IGL\13000049\CM15.dll   Signed   Exent Technologies Ltd.
c:\program files (x86)\free ride games\IGL\13000049\CrashDump.dll   Signed   Exent Technologies Ltd.
c:\program files (x86)\free ride games\IGL\13000049\d3d8.elf   Signed   Exent Technologies Ltd.
c:\program files (x86)\free ride games\IGL\13000049\d3d9.elf   Signed   Exent Technologies Ltd.
c:\program files (x86)\free ride games\IGL\13000049\ddraw.elf   Signed   Exent Technologies Ltd.
c:\program files (x86)\free ride games\IGL\13000049\Minx.dll   Signed   Exent Technologies Ltd.
c:\program files (x86)\free ride games\IGL\13000049\RunDllEx2.exe   Signed   Exent Technologies Ltd.
c:\program files (x86)\free ride games\IGL\13000049\Widget.dll   Signed   Exent Technologies Ltd.
c:\program files (x86)\free ride games\IGL\13000049\cef\cef_helper.exe   Signed   Exent Technologies Ltd.
c:\program files (x86)\free ride games\IGL\13000049\cef\chrome_elf.dll   Signed   Exent Technologies Ltd.
c:\program files (x86)\free ride games\IGL\13000049\cef\d3dcompiler_47.dll   Signed   Exent Technologies Ltd.
c:\program files (x86)\free ride games\IGL\13000049\cef\libcef.dll   Signed   Exent Technologies Ltd.
c:\program files (x86)\free ride games\IGL\13000049\cef\swiftshader\libEGL.dll   Signed   Exent Technologies Ltd.
c:\program files (x86)\free ride games\IGL\13000049\cef\swiftshader\libGLESv2.dll   Signed   Exent Technologies Ltd.

Offline andrei.savin

  • Comodo Staff
  • Comodo Loves me
  • *****
  • Posts: 197
Re: False positive detection
« Reply #20 on: April 03, 2018, 09:51:10 AM »
Hello,
This is to inform you that the false-positive you have submitted has been fixed. Please update your AV database to version 28797 and confirm.

File SHA1: f02d8c64669b69767d5cb2628f59f5e040435f25

Best regards,
Andrei Savin
If possible please post your malware submissions as SHA1 lists (created with HashMyFiles or any other software). Always make sure first you have submitted the samples through CIS.

Offline smax

  • Newbie
  • *
  • Posts: 17
Re: False positive detection
« Reply #21 on: April 25, 2018, 05:55:41 AM »
Hi Comodo tem.
Thanks for answer.
We will begin to work with unsigned files. But antivirus is blocking signed files: AppLoader2KEx.dll, cmhelper.exe, GPlayer.exe, RunDllEx2.exe.   

Offline Deepak PV

  • Comodo Staff
  • Comodo Member
  • *****
  • Posts: 37
Re: False positive detection
« Reply #22 on: April 25, 2018, 06:35:38 AM »
Hi smax,

Thank you for reporting this.
We'll check them and get back to you soon.

Regards,
Deepak PV

Offline andrei.savin

  • Comodo Staff
  • Comodo Loves me
  • *****
  • Posts: 197
Re: False positive detection
« Reply #23 on: April 25, 2018, 02:10:17 PM »
Hi,
This is to inform you that the false-positives you have submitted have been fixed.
Please update your AV database to version <28914> and confirm.

Best regards,
Andrei Savin
Comodo Antivirus Lab
If possible please post your malware submissions as SHA1 lists (created with HashMyFiles or any other software). Always make sure first you have submitted the samples through CIS.

Offline smax

  • Newbie
  • *
  • Posts: 17
Re: False positive detection
« Reply #24 on: June 18, 2018, 01:59:47 AM »
Hi, comodo team,
I wrote that your antivirus blocked our games (http://www.freeridegames.com/games/695150/luxor?source=searchCatalog&actid=searchCatalog). This problem is still present. Do you have any issues for resolving this problem?
Thaks.

Offline Ananthalakshmi

  • First Response Group
  • Newbie
  • *****
  • Posts: 23
Re: False positive detection
« Reply #25 on: June 18, 2018, 02:12:04 AM »
Hi smax,

Thank you for reporting this.
We'll check them and get back to you soon.

Regards,
Ananthalakshmi M

Offline Ananthalakshmi

  • First Response Group
  • Newbie
  • *****
  • Posts: 23
Re: False positive detection
« Reply #26 on: June 18, 2018, 08:22:33 AM »
Hi,

This is to inform you that the false-positive you have submitted is not detected by Comodo Internet Security with database version 29199.
Please make sure the antivirus database is up-to-date and try again.
If detection is still present, please submit the file to https://forums.comodo.com/av-false-positivenegative-detection-reporting-b154.0/
along with details about the environment in which this event occured.

Luxor.exe  SHA1:df62bdd902030e81ccc1f510305f5b57788bcfce

Offline smax

  • Newbie
  • *
  • Posts: 17
Re: False positive detection
« Reply #27 on: October 08, 2018, 07:41:58 AM »
Hi Comodo team,
The BSOD (Stop code: Unexpected Kernel Mode trap, what failed: ntfs.sys) appears when our users are trying to play games alongside Comodo Internet Security. This issue can be reproduced by installing the Freeridegames Player and starting a game, a BSOD appears immediately when a game was started. The issue does not reproduce when realtime scan is turned off or when folder (C:\Program Files (x86)\Free Ride Games) was added to Scan exclusions.
We are awaiting your swift resolution to this issue.
If you have any questions, feel free to contact me by mail: msyvash[at]exent.com
Best regards.



Offline Ananthalakshmi

  • First Response Group
  • Newbie
  • *****
  • Posts: 23
Re: False positive detection
« Reply #28 on: October 08, 2018, 08:58:45 AM »
Hi smax,

Thanks for reporting.
Could you please submit the detected file at http://internetsecurity.comodo.com/submit.php

Regards,
Ananthalakshmi M

Offline smax

  • Newbie
  • *
  • Posts: 17
Re: False positive detection
« Reply #29 on: October 09, 2018, 01:48:20 AM »
Good morning,
Thanks for your quick answer
I have submitted archive "FreeRideGames.zip" with files which have problems.

Best regards

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek