about bittorrent.com client ...

Comodo Internet Security - CIS AV False Positive/Negative Detection Reporting
#1

Hi There,

Started from yesterday… Comodo prompt me saying the bittorrent client (which downloaded from bittorrent.com, and version 7.2) is “Packed.Win32.MUPX.Gen@129019204”

Could you please kindly look into it, see if it’s really malware or false alert?

Thanks.

#2

Hi asdyui,

Thanks for reporting.Could you please submit the detected file at Comodo Firewall | Get Best Personal Firewall Software for $29.99 A Year.

Regards,
Vaishnavi.V.K

#3

i’ve also been having ‘Packed.Win32.MUPX.Gen’ detections since yesterday, but it was in one my games file (my ‘mass effect’ exe), and again today on a file in the restore folder.

#4

Hey and warm Welcome to the forum mataku!

I find it strange; I use Bittorrent and I have never got a virus warning. May I ask when you downloaded bittorrent?

I don’t recommend you to restore if CIS (comodo internet security) says it’s a malware.

Regards,
Valentin

#5

2 different dudes, man…

#6

I have downloaded it (from bittorrent.com), scanned and runed it and no malware. If you want i can send it to you. send me a pm of your mail and I wil send you the exe that has no malware.

Regards,
Valentin

#7

Hi Valentinchen,

Thanks for replying…

I downloaded it from bittorrent.com (http:// download. bittorrent. com/dl/BitTorrent-7.2.exe) just now (again). I scanned it with Comodo AV, and is no problem.

But when I run it. It says malware again.

Strange…

#8

Hi,

This is to inform you that false-positive has been fixed.
You can update to AV database Version <6785> of Comodo Internet Security
Version<5.0.162636.1135> and confirm it.

Thanks.

Kind Regards,
Comodo AntiVirus Lab
Erik M.

#9

I use CIS with the latest DB. I just downloaded the Bit Torrent installer and ran it. During the installation Comodo threw up the same warning already reported. I aborted the installation and uploaded the installer file to viruscan.org. Viruscan is using your latest AV db (6785). The results I got are at

http://virscan.org/report/71ec79726dba6be67d225b2af2de8885.html

Comodo is the only one of the 36 scanners that detected a positive, so I’m hopeful that it is just a false positive. I may be being overcautious, but could you please reconfirm that this is the case?

thanks!

#10

Hi mlewis ,

That was actually confirmed being FP already , so what’s surprising about that?

Comodo’s AV has the highest rate of FPs on the market & very low detection rate currently (~ 60%)

Cheers!

#11

I really have to disagree with the lowest detection, I have seen many tests and I will also be making a video showing the top free AV’s out there against about 2200 new malware. I say right now comodo is right along with everyone else.

#12

Nothing against your disagreements, languy99

You are doing a great job. I am always saying that
… but you test & I have my tests several hours later and …hmmm

the detection is still very far from perfect and still stays ~60 % as it was posted previously by different independent test sites … it all depend on the environment where AV/ time / Software changes / many other factors / and so on & so forth

Not good enough , by my opinion…

… but hey… Cheer up !

as Comodo’s CEO stated in our previous discussions about the issue -

  • this AV was developed just “for convenience” in order to have a Suite… no more than that
    so… what one can expect ?

Then, keeping in mind that none of existing solutions are able to protect you 100%
… use “this or that one” whatever you like

anyway, I was talking about the bittorrent FP as in the initial request & & just let the useser know that he/she should not be so concerned (or should be ??? hhhmmmm 88)) about this AV

Cheers!

#13

Same problem , today i have downloaded one mp3 from a legal site NO WAREZ , with uTorrent and comodo alert me with message Packed.Win32.MUPX.Gen. Tryed to scan a file with VirusTotal and only Comodo reported the infection.

At this links you can check a complete report: http://www.virustotal.com/file-scan/report.html?id=49ed872c0bd89f6b21d44ac699ec5ad2d599100813aa98994239ee399c586086-1290349204

#14

Hi progmatrix,

Please post link to the legal site, where You download this free mp3.
This file looks like not copleted downloading. In current state file looks like not MP3 file.
Thanks.

Kind Regards,
Erik M.

#15

I must have missed this post, but to be fair, I had a few months away from the forum.

If this is the case though, I’d have to be surprised because Melih was always saying that within a year of the AV’s introduction, Comodo would make it one of the top performing AV’s. Which I think in actuality wasn’t far from the mark.

#16

Please don’t go off topic SiberLynx. This is not the proper sub board for this type of discussions. It is solely for submitting false positive and false negative detections.

The AV was initially developed to reduce the amount of D+ alerts as part of an approach that tended to value prevention (D+; nowadays also the sandbox) in the first place. Over time Melih’s ideas about the AV changed as HeffeD points out correctly. Detection rate, getting tested by renowned testing agencies and removal are now put higher on Comodo’s agenda.

#17

Hi mod.,

I just downloaded the latest version of BitTorrent from official (ver. 7.2.0.23296), and I getting the warning again.

Please can you kindly check and confirm it again?

Thanks.

#18

And BTW… my Comodo VS DB version is 6800

#19

I downloaded it and let CIS manually scan with database 6800 and Heuristics set to Low, Medium and High. It didn’t give me warnings. Also when I enabled Cloud scanning for manual scanning.

What version of CIS are you using?

#20

Hi EricJH,

I’m using version 5.0.163652.1142 + VS DB 6800.

And BTW… did you tried running it?

I seems to have issue when running the .exe

Thanks!!