Flase Positive Again

After downloading antivirus definition today, it prompt the following suspected “virus”


After choosing “isolate”, nothing can be found in isolation area. What happen?

Perhaps your referring to a defense+ alert? These are different to your anti virus alerts.
Can you please send those files to www.virustotal.com and get other opinions ont hese files? if they are safe, then you should go to comodo → defense+ → My security policy and remove the rules u made to isolate this application.

no la, it is detected by antivirus module, instead of defense+ module
btw, Dr Web CuerIT is also detected by Comodo Antvirus as “VIRUS”, so strange

Please report the false positive to Drweb so they can fix the issue with comodo. As for your original issue pls upload the file to www.virustotal.com to get more “opinions” on the safety of these 2 files.

Hello HKer,

Please submitted the files as false-positives at Comodo Firewall | Get Best Personal Firewall Software for $29.99 A Year and you receive back the conclusion of analysis by email.


I wish I could send it to comodo for further investigation. However, I can’t do it. It is because I can’t find such files anymore. They are not stored in Isolated Area of comodo (even thought I chose to isolate them). How can I find them? Any hint?

BTW, I don’t think Dr Web will aid the issue. After all, it is comodo’s fales positive. I have checked Dr Web CureIT with Avira, Kapersky, etc. There’s nothing wrong with DR Web.

If you check your AV logs it should give the file path for anything that it identified as malicious or suspicious. From there you should be able to locate the files and report them.

They could also be hidden files, that could be why you cant see them.

so what can i do?
if they’re infected files, where did they go?
are they removed?

I mean that, DrWeb reports files of comodo as malware? Then u should report it to Drweb cause that is not true.

no la, comodo treats Dr Web as virus instead

If you isolated those files via Defense+ alert, please check
Defense+ → Common Task -->My Blocked Files

You should find isolated files there.


In AV log, there is such event, but no isolated files.
In Defense+, there is no such event / file.

It is not related to Defense+

Sorry, My mistake! I read it wrong.

In your OP you said;

After choosing "isolate", nothing can be found in isolation area. What happen?
That option is only presented with an Defense+ alert.. I think that's what has thrown us off ?

Anyway, I think the main thing is to get these files looked at! you asked earlier how to view hidden files so you can find them… I hope this helps.

How to show hidden files in Windows;;