FP: StructuredQuerySchema.bin / Active[at]

Comodo Internet Security - CIS AV False Positive/Negative Detection Reporting
1

UnclasifiedMalware[at]91902836 at \Users<user name>\AppData\Local\Microsoft\Windows\1033\StructuredQuerySchema.bin

Not exactly sure what this is I removed the file 3 times and now it’s 290KB and says not malware by comodo. Wondering if there’s some new stuff going on I don’t know about or just comodo bug. However, for some reason I doubt this was a comodo bug as it started happening exactly when Windows 7 x64 freezed and restarted.

http://www.virustotal.com/analisis/a8b67872d14404a33f68e68c4fa260e996223d65a6ccd3f8219e6b9b4c8cd735-1263420266

Active[at] Partition Recover
Active[at] File Recover
Active[at] Disk Kill

MS-DOS & Windows versions are considered as ‘Heur.Suspicious[at]25278226’ or ‘Heur.Suspicious[at]28628390’

http://www.killdisk.com/downloadfree.htm

btw, is there way to disable ‘suspicious’-scheme from Comodo? So it would automatically skip everything it doesn’t understand.

2

Hi genetix,

We are going to have a look at it and will get back to you after investigation.

Thanks and Regards,
hailong.■■■■

3

Hi genetix,

The reported false-positives were fixed with DB 3580. You can check to confirm.

In order to avoid “Heur.Suspicious” detection you can change Heuristics level from “Low” to “off”. Please be advised that this setting will also skip yet unknown malware which is detected using specific heuristic algorithms.

4

I am using Product Version: 3.13.126709.581
Virus signature database version : 3719

Getting same problem!

5

Hi ljpalus,

Please submit the files you consider to be false-positives at Comodo Firewall | Get Best Personal Firewall Software for $29.99 A Year .

Thanks and regards,
Ionel

6

I have that file to.do you have fullremove.exe in programdata? i have and its appears to be quite dangerous.apparantly it deletes files and make trojans.if i get this right