JoWa
January 16, 2009, 8:24am
1
Please post only COMODO Internet Security 3.5.61373.458 BETA false positives reports here.
Please include the following information;
Application name and download URL (if known)
False positives for the current release version of CIS (V3.5.5X) shold be reported at
https://forums.comodo.com/false_positivenegative_reporting_is_this_a_malware_that_cis_hasnot_detected-b154.0/
COMODO Internet Security 3.5.61373.458 BETA, Database Version: 301, Heuristics: Medium
COMODO Internet Security Logs
Table : Antivirus Logs
Date Created : 2009-01-16 09:12:07
Log Scope : Today
Records count : 4
Date/Time Action Location Malware Name Status
2009-01-16 08:43:28 Detect C:\Program\Delade filer\Adobe\Plug-Ins\CS4\File Formats\Camera Raw.8bi Heur.Pck.Armadillo Success
2009-01-16 08:43:49 Detect C:\Program\Diino\bass.dll Heur.Packed.Unknown Success
2009-01-16 08:48:16 Ignore C:\Program\Delade filer\Adobe\Plug-Ins\CS4\File Formats\Camera Raw.8bi Heur.Pck.Armadillo Success
2009-01-16 08:48:17 Ignore C:\Program\Diino\bass.dll Heur.Packed.Unknown Success
End of The Report
Adobe Camera RAW: http://www.adobe.com/support/downloads/detail.jsp?ftpID=4220 http://download.diino.com/4.2/Diino_4.2_Setup.exe
JoWa
January 16, 2009, 10:35am
2
COMODO Internet Security 3.5.61373.458 BETA, Database Version: 301, Heuristics: Medium
Heur.PEBomb[ at ]0 in WindowsXP-KB951748-x86-SVE.exe and WindowsXP-KB958687-x86-SVE.exe, both downloaded from Microsoft Download Center.
Kyle142
January 16, 2009, 12:40pm
3
Auslogics disk defrag,
HEUR - HIGH.
panic
January 16, 2009, 12:41pm
4
Application name and download URL (if known) www.code-crafters.com
Currently selected heuristic level
Reported infection
Details of a CIMA link for comparison (if submitted) http://camas.comodo.com/cgi-bin/submit?file=5dfc8acd43f4b1154f194a9da6b47057fabab20992d8c15de627c0ddd7f2dee1
system
January 16, 2009, 12:46pm
5
Application name and download URL (if known) Download Unlocker 1.9.2 for Windows - Filehippo.com
Currently selected heuristic level
Reported Infection
Details of a CIMA link for comparison (if submitted)
Cheers,
panic
January 16, 2009, 1:01pm
6
Application name and download URL www.rivavx.com
Reported infection
Details of a CIMA and VirusTotal link for comparison CIMA http://camas.comodo.com/cgi-bin/submit?file=eea06e3700924c6332c00a3087a2d9c0a06871d9a4b6eff4c721c2e682526342 VIRUSTOTAL http://www.virustotal.com/analisis/b1707285fb978da68e3f1a9151538c9c
panic
January 16, 2009, 1:07pm
8
Application name and download URL www.dvdfab.com
Currently selected heuristic level
Reported infection
Details of a CIMA and VirusTotal link for comparison CIMA http://camas.comodo.com/cgi-bin/submit?file=25f1b7c24d9bc49f079318807455f238035201232b75bb91dfed62b5bb57916e VIRUSTOTAL http://www.virustotal.com/analisis/f20cd218a4340c9aacca34e9e6cfbea0
Comodo Easy VPN- crdp.dll
Nice work comodo, Hehe
EDIT: I’ll have to point out some things because another member told me they don’t get the same result. The on demand scan did not ppick this up, when a member on VPN messaged me a realtime pop-up appeared.
panic
January 16, 2009, 1:38pm
10
Application name and download URL http://www.mvpcinfo.com/
Currently selected heuristic level
Reported infection
Details of a CIMA and VirusTotal link for comparison http://camas.comodo.com/cgi-bin/submit?file=c3fd86cb7fd7dc6c7b958e464feea6411e01d022e99d69f984d83ac23a534bf8 VIRUSTOTAL http://www.virustotal.com/analisis/f61f17ccf5796fb14a78fbbf29d01d2b
Herustics On medium
*when Herustics is on low nothing is detected
[attachment deleted by admin]
Application name and download URL (if known) AVG TuneUp | Clean & Speed Up Your PC | Free Download
Currently selected heuristic level
Reported infection
Details of a CIMA link for comparison (if submitted)
user4
January 16, 2009, 5:38pm
13
Orbit Downloader
It is reported to be some sort of fraud tool.
Just select any of the download links.
Iobit Advanced System Care:
Download the free computer cleaner optimizer tool to speed up Windows 11/10. One-Stop fix a slow PC, optimize for gaming, clear up memory, space, ram on PC and improve your PC performance now.
Heuristics set low
Several FPs all called Heur.Pck.MEW@0
One example submitted:http://camas.comodo.com/cgi-bin/submit?file=f6557901f614619580cf592c395484f20e758333e90d6e01faec4e7ff37450d5
Application name and download URL (if known): The hard drive locations where the infection was reported are listed below and the links to pages that contain the download links are listed below.
ScanSoft OmniPage16 - C:\Windows\Installer$PatchCache$\Managed.…\16.0.0\omnipage16.exehttp://www.nuance.com/omnipage/professional/
ScanSoft PDF Create 4 - C:\Program Files\ScanSoft\PDF Create 4\pdfcreate4hook.exe
ScanSoft PaperPort Professional 11 - C:\Program Files\ScanSoft\PaperPort\PPMV.exehttp://www.nuance.com/paperport/
ScanSoft OmniPage 16 - C:\Windows\Installer$PatchCache$\Managed.…\16.0.0\ppmv.exe
Registry FirstAid version 7.0 - C:\Users.…\Downloads\Registry FirstAid\Version 7.0\rfasetup.exeRegistry First Aid - Award Winning Windows Registry Repair
SpywareBlaster - C:\Program Files\SpywareBlaster\sbautoupdate.exeSpywareBlaster® | Prevent spyware and malware. Free download.
Currently selected heuristic level: Medium for all 3 scanner settings
Heur.Pck.Armadillo[ at ]0
Heur.Pck.Armadillo[ at ]0
Heur.Pck.Armadillo[ at ]0
Heur.Pck.Armadillo[ at ]0
Application.Win32.FraudTool.MacroVirus.˜A[ at ]2937430
Heur.Pck.Armadillo[ at ]0
Details of a CIMA link for comparison (if submitted): NA
When I had CIS version 3.5.57173.439 installed, a virus scan never detected any of these six executables as viruses. They are all related to valid programs that I have installed, so I am sure they are FPs. I can still run each of these programs, even though I have left these six items quarantined in CIS.
darcjrt
January 16, 2009, 8:29pm
17
c:\windows\system32\tpvmmon.dll
HEUR.PCK.ARMADILLO
http://www.virustotal.com/analisis/dd025cd2f0c172f3439277add058718d
Unknown vendor. I Cant move or copy the file!!! I will try in Safe mode and post it!
system
January 16, 2009, 8:48pm
18
4 false positives, 3 by Heuristics even though set to Low.
[attachment deleted by admin]
system
January 16, 2009, 10:16pm
19
Hi Guys, 1st scan with CIS Beta, several FPs, but livable will upload a few questionables to CIMA but for now here’s the tally…
[attachment deleted by admin]
offchu
January 16, 2009, 10:17pm
20
Application name and download URL Products - Code Sector
File
Currently selected heuristic level
Reported infection
Application name and download URL http://www.hmonitor.net/
File
Currently selected heuristic level
Reported infection
