system
January 22, 2009, 10:46pm
1
Please post only COMODO Internet Security 3.8.61948.459 BETA false positive reports here.
Please include the following information:
Application name and download URL (if known)
Currently selected heuristic level
Reported infection
Details of a CIMA link for comparison (if submitted)
False positives for the current release version of CIS (V3.5.5X) should be reported at
https://forums.comodo.com/false_positivenegative_reporting_is_this_a_malware_that_cis_hasnot_detected-b154.0/
Cheers,
Josh
I got 62 FPs while manual scanning the C:\Program Files\TuneUp Utilities directory. In the C:\Windows\System directory vcl35.bpl and vclx35.bpl respectively (I believe these files are related to Asus Probe).
TuneUp Utilities URL: http://www.tune-up.com
Asus Probe URL: http://www.softpedia.com/reviews/windows/ASUS-PC-Probe-Review-27293.shtml
Heuristics Level set to Low.
Reported Infection Heur.Pck.MEW on all .bpl files.
system
January 23, 2009, 12:15am
3
WinRAR - http://www.rarlab.com/
Heuristics - High
Detects as:
C:\Documents and Settings\Josh\Local Settings\Temp\q6SMgJcf.exe.part Heur.PEBomb
C:\Documents and Settings\Josh\Desktop\wrar380.exe.part Heur.PEBomb
Cheers,
Josh
system
January 23, 2009, 2:36am
4
IZARC http://www.izarc.org/
CIS Beta .459 DB:2
See attached scan results for the only FP detected, heuristics set to medium throughout
Cheers
Xman 8)
[attachment deleted by admin]
Edit: Manual Scan HIGH Heur
Edit Edit: Scanned with DB version 2
Unknown Packers:
Rootkit Unhooker
http://forum.sysinternals.com/uploads/20071210_182632_rku37300509.rar
Aida32 (official version no longer available)
Available on Oldversion.com
PEID
Feeddemon Uninstall 2.8.0.9 RC2
IDA Pro Free 4.9
IrfanView Plugins 4.22 (awd.dll)
http://www.irfanview.com/main_start_engl.htm
Remote Admin Viewer 3.x (winlpcdl.dll)
http://www.radmin.com/products/radmin/rviewer.php
False Positives:
Spybot Search & Destroy - Heur.Suspicious (advcheck.dll, sdupdate.exe)
TeraCopy 2.0.b4a
Products - Code Sector Heur.Pck.Obsidium
Windows Vista SP1, Enterprise x32
c:\windows\security\database\tmp.edb - Heur.PEBomb
TuneUp Utilities 2009 FPs are resolved for me (database 2), also with Heuristics level set to High.
umesh
January 23, 2009, 2:12pm
7
Hi Guys,
Please make sure base version is 2 before reporting FPs, as FPs have been fixed in update version 2.
Thanks
-umesh
Can confirm this one with version 2. I had heuristics set to medium.
V7chy
January 23, 2009, 3:37pm
9
Heuristics level: High
CIS DB: 2
jDownloader - http://jdownloader.org/
FeedDemon - http://www.newsgator.com/Individuals/FeedDemon/Default.aspx
K-Lite Codec Pack - Download K-Lite Codec Pack
Bit Che - http://www.convivea.com/product.php?id=2
Heur.Packed.Unknown H:\Program Files (x86)\FeedDemon\FDUninstall.exe
Heur.Packed.Unknown H:\Program Files (x86)\jdownloader\jdownloader\tools\windows\p.exe
Heur.Packed.Unknown H:\Program Files (x86)\K-Lite Codec Pack\Filters\bass_tta.dll
Heur.Packed.Unknown H:\Program Files (x86)\K-Lite Codec Pack\Filters\MonkeySource.ax
Heur.Packed.Unknown H:\Users\USER\AppData\Roaming\Convivea\Bit_Che\scripts\special.exe
Heur.Packed.Unknown H:\Users\USER\AppData\Roaming\Convivea\Bit_Che\scripts\x.dll
V7chy
V7chy
January 23, 2009, 4:25pm
10
Heuristics level: High
CIS DB: 2
CryptLoad - http://cryptload.info/download/
Heur.Packed.Unknown H:\CryptLoad_1.1.6\CryptLoad_1.1.6\plugins\crypt.dll
ApplicUnsaf.Win32.RemoteAdmin.NetCat@122335 H:\CryptLoad_1.1.6\CryptLoad_1.1.6\router\FRITZ!Box\nc.exe
V7chy
kronos
January 23, 2009, 4:36pm
11
CIS beta .459
Heuristic level: Low
Glary Utilities: http://www.glaryutilities.com/
Report:
Heur.Pck.MEW C:\Programmi\Glary Utilities\cxLibraryVCLD7.bpl
Heur.Pck.MEW C:\Programmi\Glary Utilities\dxBarD7.bpl
Heur.Pck.MEW C:\Programmi\Glary Utilities\dxGDIPlusD7.bpl
Heur.Pck.MEW C:\Programmi\Glary Utilities\dxNavBarD7.bpl
Heur.Pck.MEW C:\Programmi\Glary Utilities\dxThemeD7.bpl
Heur.Pck.MEW C:\Programmi\Glary Utilities\GUTrayIconD7.bpl
Heur.Pck.MEW C:\Programmi\Glary Utilities\GUControlD7.bpl
Heur.Pck.MEW C:\Programmi\Glary Utilities\pngD7.bpl
Heur.Pck.MEW C:\Programmi\Glary Utilities\VirtualTreesD7.bpl
Well, isn’t that a strange one? I have DB 2 and I still get 56 FPs scanning the TuneUp Utilities directory with Heuristics set on Low. I did try it on High and got the same 56 flags, only with slightly different virus descriptions! ???
Weird, do you use the latest version of TuneUp and applied no ummmm “medicine” on it?
I’m using v8.0.1100 downloaded directly from their site with no patches or cracks. Weird, huh?
Using TuneUp Utilities 2009 v8.0.2000.35 here, it’s the latest version released last December.
V7chy
January 23, 2009, 5:50pm
16
Heuristics level: High
CIS DB: 2
iPhoneRingToneMaker - http://www.efksoft.com/products/iphoneringtonemaker/index.htm
Heur.Packed.Unknown H:\Program Files (x86)\iPhoneRingToneMaker\bassmix.dll
Heur.Packed.Unknown H:\Program Files (x86)\iPhoneRingToneMaker\bass.dll
Heur.Packed.Unknown H:\Program Files (x86)\iPhoneRingToneMaker\bass_aac.dll
Heur.Packed.Unknown H:\Program Files (x86)\iPhoneRingToneMaker\semutil.exe
Heur.Packed.Unknown H:\Program Files (x86)\iPhoneRingToneMaker\semutilun.exe
V7chy
Bingo! That was it! I updated to v8.0.2000.35 and everything passes with heuristics set on High! Thanks!
ron07
January 23, 2009, 8:48pm
18
Heuristics level: High
CIS DB: 2
Heur.Pck.MEW
Auslogics Registry Defrag: http://www.auslogics.com/en/software/registry-defrag
C:\Program Files\Auslogics\AusLogics Registry Defrag\axforms10.bpl
ron07
January 23, 2009, 9:09pm
19
Heuristics level: Off
CIS DB: 2
Application.Win32.FraudTool.MacroVirus.~A@2937430
Wise Registry Cleaner installer: http://www.wisecleaner.com/index.html
C:\Documents and Settings\Ronnie\My Documents\Downloads\WRC3Setup.exe
system
January 23, 2009, 10:20pm
20
Remember to post the latest CIS DB version too for this beta (Currently DB 2).
Cheers,
Josh