First time using comodo AV after switching from symantec. A full scan was requested. The scan took 2 hours and reviewed around 920000 files across 3 harddrives of 412GB of data consisting of over 200 programs and around 30 games using the virus database 5232. Heuristics were set to Low. 8 Files were flagged infected, all of them false positives. The following files were falsely flagged by COMODO’s AV upon scanning the system:
-a bunch of tmp.bat files in \appdata\local\temp which were left by a previous installer. They were flagged as Heur.Dual.Extension[at]-1 and contain very short instructions:
“ping -n 2 127.0.0.1
del C:\Users\Searinox\AppData\Local\Temp\UTT586~1.EXE”
the only differences between them were which temp exe they were deleting.
-the file C:\Program Files (x86)\Your Freedom\rt\binthe file w2k_lsa_auth.dll from an older version of Your Freedom. YF is a proxy client located in System Restore. Current release’s version of the DLL does not get flagged.
-the file HookLib.dll from the Worms game folder. HookLib is used by an addon called WormKit that is developed by a person called CyberShadow, hired by Team17 to keep updating Worms Armageddon, and is posted on the official Team17 forums http://forum.team17.com/showthread.php?t=37390 Name: UnclassifiedMalware[at]8423927
-AdBannerRemoverPlus, a messenger enhancer focused on ad removal http://www.situsinformasiinternet.com/2009/09/adbannerremoverplus-v1040.html and has no malware functionality.
CRC-32: 4d78fbfe
MD4: fdf6e15cc8f4bf4c0601d861ae7c1695
MD5: 275169ce4bb8110c39bb186c93bd7247
SHA-1: 5243c76344ec61b7c0724bfa944fa705d01ed60e
Name: UnclassifiedMalware[at]107861216
-IrfanView’s plugins package version 4.25. Latest version(4.27) does not get flagged.
-MakeSplash.exe, a splash animation creator for the Nintendo DS operating system called Moonshell, version 2.10. http://home.att.ne.jp/blue/moonlight/ Folder is 201002161705_moonshell210stable\misctools\MakeSplashAniForMS2
-a harmless jpg picture with the following specs
CRC-32: fc57ae09
MD4: 3bb2fcf608d827ad1363c9ac131fcb07
MD5: 68fedfadedbf53d63a2092be87392dcf
SHA-1: 933de811e32b9e32a05e111a9ccf4da55d9850c7
Name: UnclassifiedMalware[at]16213474
-a harmless flash animation with the following specs
CRC-32: b0d4e494
MD4: 0e93ef93c628d161c37aede5b195ee11
MD5: fe9b53202a9e1be336dc5796b9d73ff7
SHA-1: 9dcc6047edaef2f85267cdde4a681069b31343e1