title the program/file that is detected:
detected : Virus.Win32.Virut.CE@86480074
CIS database #: 10752
It is hard to see how only my patch would have been infected. Comodo detected it as soon as the patch ran and I quarantined it immediately. Others seem to be reporting that a virus, possibly only based on heuristics, was reported by unspecified other AV software, but there are at least some other reports of viruses associated with this game’s latest patch.
I tried submitting it from the quarantine list and it was displayed as “already submitted” with a green check by it. I don’t know if this means it was automatically submited by comodo from my PC or other comodo users have also already submitted it …
You can temporarily disable the AV, then release it from quarantine, remember that Defense+ will still protect you. Then you can upload it as a false positive. Once that is done you can turn your AV back on and quarantine it until the analysis is complete.
Unsure if it would help, I still I also took the measure, while the actual file was in quarantine, of creating a dummy file with the same name and set up custom rules under defense+ for it … I set CIS to block all the available accesses by it. I wasn’t sure which would be safer on the other tab: activate all protections or leave them inactive? I made them all active in case it was something else interacting with the file that might be a risk. I then deleted the dummy file and unquarantined the actual file with the new rule already in place for the brief period it was out of quarantine. I assumed these were things that comodo might otherwise not guard against. I tried to make sure I did everything I could have during the unavoidable additional brief exposure so any clarification of this would be appreciated.