2 False positives, How to report?

Hello guys!

I would like to know how to report two false postives that happened in my machine…?

2 files:

→ default.sfx (backdoor.win32.rbot.fo) and patch.exe (backdoor.win32.rbot.abj) , both belong to winrar application and were quarantined…

The first one were detected by AVG and Avast about a year ago. I report the false positive and they fixed… The second one, never was detected by any other AV and I know that is malware free… Trust me… ;D

I submitted for you from the quarentine both files, to see if you guys could fix the signature to avoid this false positives…

But I dont know if this method of submit is just to supicious files or if I could use to report false positives too? I didnt find any place to tell that is a false positive and not a malware…

By the way, I sent from the quaratine 3 trojans bankers samples that were not detected by Comodo and are very active in the orkut community… I hope you guys can add new undetected samples very fast as AVG and kaspersky does… ;D

Until now, I am very pleased with this software (AV + Firewall)… I really didnt expected find the quality that I have found on both Comodo products… ;D

I understand how hard is to build a malware signature database, so thats why I am not expecting detections rate as Kaspersky or Mcafee… But I believe if you guys could add in the wild samples (as trojan bankers, email worms etc) fast, you will provide a very good security level and will be able to create a big signature database in no time…

Congratulations and Thanks for make it free!


G’day and welcome to the forums.

Comodo AntiVirus (CAV) submit option is used to send ANY file to Comodo Labs fro checking. If it’s found to be a false positive, they’ll flag it as such in an update. They aere working towards adding malware detection into CAV, so if you cop any spyware, please submit these as well. The more we submit, the better the product gets.

Hope this helps,
Ewen :slight_smile:

Hello Guys!

Just to turn public that both false positives were fixed!

Thanks Comodo team! (WCF4)