False Positive


Location of startup: FILE

In other words… C:\Documents and Settings\Myname\Local Settings\Temp\ (I’m assuming its) CmdLineExt02.dll

This is a false positive… Not a trojan… I have the latest updates… Virustotal says its clean

AhnLab-V3 2007.5.16.1 05.18.2007 no virus found
AntiVir no virus found
Authentium no virus found
Avast no virus found
AVG no virus found
BitDefender no virus found
CAT-QuickHeal Adware.CmdLine (Not a Virus)
ClamAV no virus found
DrWeb no virus found
eSafe Spyware.CmdLineExt
eTrust-Vet no virus found
Ewido no virus found
FileAdvisor No threat detected
Fortinet PossibleThreat
F-Prot no virus found
F-Secure no virus found
Ikarus no virus found
Kaspersky no virus found
McAfee no virus found
Microsoft no virus found
NOD32v2 no virus found
Norman no virus found
Panda no virus found
Prevx1 no virus found
Sophos no virus found
Sunbelt no virus found
Symantec no virus found
TheHacker no virus found
VBA32 no virus found
VirusBuster no virus found
Webwasher-Gateway no virus found

I had already sent the file once to Comodo… But well… It seems it’s still detected with the latest updates from BOClean. And its something with WC3, Blizzard protection of their code or something… I totally forget. Should I re-send it?

Please do and add a link to this thread.
This is a continuation of a FP that we thought was related the bad update.


Much appreciated!

I did and got this reply

Hi. This is the qmail-send program at ewan.comodo.net. I'm afraid I wasn't able to deliver your message to the following addresses. This is a permanent error; I've given up. Sorry it didn't work out.

This message is looping: it already has my Delivered-To line. (#5.4.6)

Not sure what I should do now…

I edited out some information from your post. :wink:
There was a glitch in the mail server early this morning. :-[
The good news is it was fixed within minutes after we brought it to their attention. (:CLP)
Resend and it should make the trip this time.

Ah sorry bout that, I see what you edited… (:WIN)

Sending right now.

You might take a look at this and put this file in BO Clean excluder


Good catch topmoxie!

Happy to help, ill be around to add information