false positive from CIS ?

CIS log says: TrojWare.HTML.Exploit.CodeBase.~Exec[at]226875254. Yet upload to VT and it is clean. The file’s name is 01[1].htm. The IE cache is what contains these files. I changed the extension to .txt so I could attach to this note. Since upgrading to this version of COMODO, v5.1.957 i am seeing these quarantine messages constantly.

Am I infected, or is this a false positive. The domain in question (after inspecting the html code) appears to be http://clk.atdmt.com .


[attachment deleted by admin]

This is being addressed by Comodo and an AV update will be issued shortly.

Ewen :slight_smile:

AV update 9300 has been released and appears to have fixed the FP issue.

Ewen :slight_smile:


This is to inform you that false-positive has been fixed.
You can update to AV database Version <9300> of Comodo Internet Security Version<5.5.195786.1383> and confirm it.