Yesterday I tested new package with brand new trojans, some of them were detected by CAVS but many not. I submited those samples thru CIMA, but I have question about sample which has been detected as heur.pck - it is malware for sure, so if Comodo detects it there is no need to send this sample to the labs? Or it is beter to add it to signature database?
If it is malware it should be added to the signature data base.
It is detected as being suspect because of the use of a packer. That in it’s self doesn’t mean the packed archive/installer contains malware. This type of packer can be used by malware makers. It doesn’t say anything about what is in it.
Please submit the malware.
Thanks for the answer EricJH, sample is submitted.
I’m glad to hear that I was not wasting my time submitting malware already caught by the Heuristics.
I would like to post that false positives and suspicious files can also be sent via:
The response time through here seems much quicker than by email or CIMA.
i tried to find the file to submit but cant i believe its a false positive its a temp internet file from google
[attachment deleted by admin]
Why don’t believe it is a false positive? The fact that it is the IE temp folder does not mean anything in its self.