False Positives

I think that CAVS 2 beta detects false postive with :

What should I do ?

submit the files for review.


First, please confirm that this is not a virus, you may do so by scanning it with a service such as www.virustotal.com. If it is a virus, you can use the file submitter inside CAVS. Or e-mail the file to malwaresubmit@comodo.com telling them you believe the file to be a false positive.

Ok, but when will I know if it is really a virus ?
The new virus definition list will only be available with a new release of cavs ?

By doing a scan of the file using VirusTotal to scan the file.

I just tested with virustotal :
Ikarus found “IRC-Worm.Momma.F”
UNA found “Worm.Win32.Randon” (same as CAVS)
Fortinet and Panda say “Suspicious file”
The 22 others found nothing

I won’t use this application right now ;).
Is it possible to know the result of comodo team’s analyse ?


Not sure, I would go ahead and submit it to the e-mail that I posted above. In the body I would request for them to reply with their results.

speaking of false positives. comodo antivirus v1.1 said that my pegasus mail client was a mass mail worm. can anyone confirm this?

Hmm, maybe it’s been packed with an exe packer or cryptor that these 3 av’s cannot unpack yet and are using the .sig base for these files.

I wonder what cavs 2.0’s power is in unpacking all the various protectors and packers myself :slight_smile: