False positives 2014-03-25

Archive password: fp

Scan done with High heuristics sensitivity!

I’ve been using these files for ages and never had problems with them and neither other AV’s detected them. Please fix the false positives.

[attachment deleted by admin]

This one is not FP

Hi RejZoR,

Thank you for reporting this.
We’ll check it and get back to you soon.

Yuvaraj M

It’s not malware or any kind of “unwanted” app. It’s just a downloader for music from Grooveshark which you have to download yourself and doesn’t come as any kind of 3rd party addon to some other app. Which is clearly stated and does just exactly and only that. Been using it for ages and it’s exactly what i’ve described. So i can’t possibly see any reason for detection, neither i have no clue what “Somoto” is suppose to be, because this just isn’t “it”. To me it seems more like few AV’s detected it on VT and the rest just blindly followed.

On a VT comment “Software includes option to install bundled browser toolbars (which could probably be rated as adware)”
Maybe this has changed ?

I had an older installer (the one that i provided as FP here). The new one is downloader and comes with bitcoing mining app which gets detected during install. But not the installer of the Grooveshark downloader.

Actually i don’t care, the installer i provided was old one so it doesn’t really matter now i guess.

Hi RejZoR,

The following sample not false-positive ,If you intent to use it further,you can add it to exclusion list.
d775e5876cee942cd5e5405655b6c45fb97923c5[inside file: 3090816d27bad58f7f2ca51d6d3d22e489a05330]

The remaining False-Positive samples has been fixed.
You can update to AV database Version <17992> of Comodo Internet Security Version<6.3.302093.2976> and confirm it.

Best regards

Ok. Thx for fixing the rest.


Выкладывал ещё утром тут. Не добавили в базы.
pass 0

When you run this file didn’t work HIPS, not worked sandbox. In trusted it was not.

Don’t attach malware please, remove…And what’s the question ?

Send links here https://forums.comodo.com/av-false-positivenegative-detection-reporting/submit-malware-here-to-be-blacklisted-2014-no-live-malware-t100707.0.html;msg750370#msg750370 There was also this file VirusTotal
His signature is not added to. When you run this file, there were no reports HIPS, was not the message of the sandbox. As he was not trusted. Wanted to know why Comodo considers it safe.

It’s not digitally signed and not trusted from cloud. It should get sandboxed.

No reaction, no HIPS, no sandbox. - YouTube

[attachment deleted by admin]