A file-checking Catch-22?


I’ve found that when CIS identifies a “threatening” file on my system, it’s usually a false positive. That’s okay—better safe than sorry. To determine if the file is actually a threat, I like to upload it to an online scanner (like Jotti’s or VirusTotal), which then checks it with many different antivirus engines.

Unfortunately, once CIS has identified a “threat”, it won’t let me upload that file (or copy it, or do anything else with it) unless I “clean” it, identify it as a trusted file, report it to Comodo as a false positive, or add it to my exclusion list… And I can’t do any of those things, because I don’t know if the file is actually good or bad yet.

Any ideas how I can get around this Catch-22? Thanks, Ander

Hi Ander,

Please follow the steps to send the detected file:

  1. Disable the Antivirus temporarily.

  2. Zip up the file with password protected (Password: “infected”) and send to
    falsepositive[at]avlab.comodo.com.So we can check it

3 . Re- Enable the Antivirus.


Oh, duh—why didn’t I think of that? You can temporarily turn off the a/v. Thanks for pointing that out, haja.

And sure, I’ll submit the file—but after I check it online. :wink: