False Positive? (WinXP x64, 3.0.16.295)

I let CPF patch itself today… rebooted… got the prompt that settings were changed, and rebooted as requested.

Started looking for new options in the GUI and found the new scan feature… so I gave it a whirl… and think that these handful of files must be false positives…

These files have been kicking around for years… first time they have ever seen so much attention (:TNG)

  • Western Digital DataLife Diag
  • Some ancient PCMCIA 3COM Nic drivers
  • DOS Pkunzip and Pkzipfix

Nothing fishy IMOH :THNK

I was kinda hoping there would have been a submit option… but alas, a screen shot will have to do.

[attachment deleted by admin]

They should be false positives. Maybe the signature DB was cut down to save on download size.
The scan is a good feature even if there are false positives but I guess it should add those files to pending list or quarantined list instead asking to delete them.

This is a great free product, or will be once out of beta. The main problem is that during the “Scan My System” portion of the installation, it generated several Total Threats Found, and all of them false positives. A file named colorit.exe was identified as a Worm by this program; however, running the same file through dozens of other updated, famous and popular anti-virus applications returns zero infections. (Look at the attachments.) It is likely that this program is therefore wrongly identifying clean programs as infected, and possibly ignoring infected files as clean. If the underlying virus signatures are inaccurate, the clean design of the application becomes meaningless. I’ll run a full report on all files to see if there’s anything it accurately detects or does not detect. However, it’s probably best not to rely on this application for malware protection until the bugs are resolved. I have also installed the Comodo Antivirus application. So I’m not sure what engine is being used within the initial Firewall scan, or if they’re somehow integrated. I’ll provide updates to this post as new signature updates are applied etc.

Update: I don’t suggest customers open this file. However, I’m attaching one of the false-positive files, Colorit.exe–zipped in colorit.zip–so that Comodo engineers can test one of the EXACT same files to show that it is completely malware-free despite it showing as a false-positive in the Comodo Firewall.

Update: My scan completed. So I’m adding an updated graphic to show the completed scan window; I’ve erased my last name from the filepath of two of the listed files for privacy.

[attachment deleted by admin]

Hi Curtiscee,
Can you please place all files reported as FP here on forums?

Thanks
-umesh