Hi,
i have several archives (CAB and ZIP) in which files are detected by Comodo (false positive i believe). If i extract the files from the archives and then scan the files again, they are no longer reported infected.
I attach two examples. I could not upload cab-files, so i just added “.zip” to the filenames.
In 1729B1E8.cab the file gdiplusA455ADFC.DLL is reported as TrojWare.Win32.Trojan.Katusha.~E@104915147 and in LVRTSupport.cab the file niidaqs.dll.58FEA395_C082_4BC0_8F5F_E73CDF6BAC9B is reported as Heur.Corrupt.PE@-1.
When i extract the reported files from the archives and then scan the extracted files, there is no detection by comodo.
How can this happen? I think it must be a bug?
My version of Comodo: Internet Security Premium, 5.3.181415.1237, signature 8340
Hi Naren,
thanks for your very fast reply. I already checked VT, so i believe the files are not infected, but comodo on my PC does detect them, as you can see in the screenshot.
By the way: If i click on ignore → send files to comodo as false positives, i get the answer that the files cannot be submitted, and i am asked if i want to clean them. I think i only get this message for archive-files, i could submit single files on this way in the past.
Thomas
Thank you for your submission. We’ll check this and get back to you. Until a fix will be provided please add the files to your “Exclusions” list. Thank you!