I have 5 detections made by CIS regarding Cygwin which is a program I use for porting windows apps to Linux. Program version is 5.0.1.63652.1142 and database 6658
[attachment deleted by admin]
Hi Yahn,
Thanks for reporting. We will check this and get back to you.
Regards,
Haja
Thanks. Forgot to add they are being detected as
Virus.Win32.AmpiroGEN@104394956
Heur.Corrupt.PE@-1
cygwin1.dbg
my CAV strangely detect it but comodo at virus total, i dont know why
http://www.virustotal.com/file-scan/report.html?id=09b8ad59e12c3aef9cdaf5bd7a954c12ab575d60153126f3c37af0a9344b55b9-1289285784
Hi Yahn,
Recently Cygwin was flagged by several security Software(s)
That is definite False Positive
The name of the detection pretty much useless in any case - it says nothing
Please never post neither the link for the Software in question nor the file - that is not appropriate
There is the only way to find out - submit the flagged I item for the analysis to the vendor that flagged the item
It has to be precise code that is residing on your PC at that particular moment
You have to consider that you downloaded it from the wrong site;
or
it could be poisoned (compromised) by the 3rd party malware that is present on your PC;
Then , you may have the different version, so current signatures of your secrity made a mistake
You may have the old signatures
The heuristics , if you are using it, could be wrong & so on & so forth
but for sure you must not post neither links nor files into the open forums that is not
use this procedure for submitting
My regards
Hi Yahn
The false-positive was fixed with virus database 6664 of Comodo Internet Security v5.0.162636.1135. You can verify to confirm.
Regards,
Ionel
I see you want to pick on me. According to the link below you are allowed to post links.
1) Make a new topic. 2) Write in the title the program/file that is detected 3) Provide the name of the FP, for example : Heur.Packed.Unknown 4) Provide a link to the site of the program 5) Provide the number of your CIS database
and here.
No malware (Malware sources, links attachments, etc) is to be posted here! False Positivies are fine to be uploaded, But please if you are willing to share malware on a regular basis, join our Malware Research Group, The other exception is the Malware (Not Detected) thread here. You can upload malware to Comodo Instant Malware Analysis (CIMA) and rated suspicious or not, the malware will be in AV labs hands.
I work for an antivirus company in the making so please don’t tell me how to do my job. I’ve been here in the past and found this forum to be rather unfriendly. Please fix the attitude here.
Hi Yahn
There were no intentions whatsoever to “pick on you”
I cannot possibly see how that conclusion was made? (I reread my response … just in case)
As for the links , well I will ask moderators & developers.
That clause was overlooked by me
That has to be changed , by my opinion.
Then, if you read this or any given security forum – that is prohibited
Numerous comments (like mine) were made here in the forum – have a look at recent cases.
I think it doesn’t matter whether it is a definite FP (as in this case) / indeed the link for downloading malicious file(s) /an example of malicious URL (see this recent thread) / etc.
There is no questions that only a special channels can be used for thing like that, but not the open forum
If you do … my reply shouldn’t have triggered such reaction
That is “a bit” rude , since there were nothing of that nature mentioned
I have no idea about you past experience in this forum.
I personally do not find the atmosphere here being unfriendly… quite the contrary
Sure, sometimes there are “fights” ; “inappropriate reactions”; misunderstandings” ; etc. , but those are occasional / quite rare
… but in this particular case the “unfriendliness” apparently and unfortunately was generated by you
My regards
-
If you are a frequent member you should be aware of the stickies.
-
You separated my comment and so it is not in complete context. I was meaning I don’t require an explanation. If this is to show off elitism I’m ashamed of this.
There is the only way to find out - submit the flagged I item for the analysis to the vendor that flagged the itemIt has to be precise code that is residing on your PC at that particular moment
You have to consider that you downloaded it from the wrong site;
or
it could be poisoned (compromised) by the 3rd party malware that is present on your PC;
Then , you may have the different version, so current signatures of your secrity made a mistake
You may have the old signatures
The heuristics , if you are using it, could be wrong & so on & so forth
-
I’ve had several accounts, but rarely visit and often forget my information. Comodo does not provide support in a proper and respectful manner. I sent several emails in attempt to resolve an email certificate issue. After 1 or 2 incidences they entirely stopped responding.
-
People do not answer you if you have concerns that maybe negative. I had a question about how secure I was and later asked about the ask toolbar being malware. The staff avoided that question and responded to another of mine and would not respond to that one.
Sure, that is why I said, that I will contact the developers & moderators so the issues like that (including your pretty mach strange & undeserved reaction) will not be the case any more
Yes I did separated it, because that is the way when you wanna answer certain and every point , that seems to be important
Nothing was taken out of the context …
In addition, do you find that unfriendly as well ???
That was not an explanation per se , but rather a suggestion to follow esteblised rules
If you did not require “an explanation” & working in the security field you would send the flagged items to the developers in the 1st place … without asking any questions
was definitely not … but whatever comes to your mind , since you made a strong (but very wrong!) conclusion straight away & out of the blue
Both points are bad
I have different experience.
You can raise a Support Ticket (just sign in for doing that) ; you can contact moderators if your request was not addressed. They always making the developers aware of problems that require attention
I contacted the developers by e-mail as well and few problems, which many users experienced in the past were solved… It is a matter of being persistent and indeed friendly compare to what you are showing here
My regards
Yahn dont discuss with syberlinx
it will be endless
forgive him
he is like that
Thanks kinemitor
Another “friendly” remark 88)
Have you got any word written above? (I have doubts)
as a matter of fact the initial poster indeed has some points that should be addressed
… you on the contrary have none…
…you were just in a mood to spit
Please read my PM… hopefully, you’ll get better… meaning you attitude
Regards
I was in the mood at the time of posting I guess. Been smacked sevearl times on other forums for harsh posts. Need to calm down. Sorry for the trouble. 