I have used SmitFraudFix and ComboFix and both are being picked up as unclassified malware also factory.exe is picked up as Heur.Packed Unknown I am sure that these are real programs and have matched the MD5 signature of it to the microsoft site. Wondering if these are false alerts or Comodo needs to be update with these facts.
Hi cat3rn, welcome to the forum
Many malware removal Tools are often flagged by different security.
There are several reasons like:
- the Utility can be packed and the security cannot recognize the packer & subsequently unpack for checking (most likely this was the case here);
- many removal Utilities are using the same code as malware is using , so that causes flaggings too;
- etc.
In addition it’s usually recommended to disable the real-time resident of your AV when running malware removal Tools. ComboFix is one of them. That is not just because of possible flaggings but that is necessary in order to avoid conflicts and give way for removal Tool to do the job
Another note about ComboFix in particular - be very careful with it. Read the disclaimer.
It should be run under the expert’s supervision after the malware fighter performed preliminary analysis of the situation.
In many cases ComboFix must be renamed before it’s downloaded to the desktop in order to run it.
But main precaution – you can damage your system beyond repair running Tools like ComboFix without supervision or without your own extensive knowledge in malware removal.
Finally, irrespectively, if you have doubts about detections please submit flagged items to Comodo developers for analysis.
Several ways of the submission procedure described in “How to submit False Positives” thread
My regards
Hi cat3rn,
If you can find the FP file,you can submit through this link:Comodo Firewall | Get Best Personal Firewall Software for $29.99 A Year we can go to have a look at it.
Thanks and Regards,
Mr.Fuxin Liu