CIS Antivirus reports that C:\Windows|System32\sysres.dll is a virus
The sysres.dll file does not have any descriptive info (Name, Company, version, etc.) which I find very odd, but VirusTotal reports that the file is found to be OK by EVERY antivirus system including Comodo, as of 3/31/09, so I had the file reanalyzed and all including Comodo found the file to be OK. The Comodo db that they report using is 1157.
The message that I get is: Heur.Packed.Unknown
I’m using 3.9.95487.509 with db 1192, so how can VirusTotal’s use of Comodo say that the file is OK while mine saya that it is a virus, and why is there such a wide difference in db numbers between my 1192 and their 1157, since they say that all of their virus db were updated today, 5/23/09?
I believe that I did report the false positive as directed in the link. As noted in the link, I can’t upload the file to this forum, so I emailed it again as indicated in the link. I believe that I also sent it to Comodo via the submit mechanism.
What more would you like me to do?
This file is one of several that has been on my hard disk unmodified for some time, and with which previous versions of CIS had no problem.