In last update CIS detect this file as malware:
C:\windows\system32\drivers\mchInjDrv.sys
but in virus total (a-squared, AntiVir and Kaspersky) don’t detect but NOD32 detect.
http://www.virustotal.com/pt/analisis/d2d61c061a736a0725166182d7ae7978
also CIMA doesn’t detect.
How can I know if it’s a false positive? ???
Be happy, this isn’t one…
6 antivirusses detect it now. So this is CIS being one of the first :-TU
:comodo110:
Xan
I think the only way is to submit potential threat to COMODO for analysys, they decide if it’s a malware or not. I could be false positive when file is detected only by one or two AV’s, but also It can be real malware(for example JS:Packed-AB wich was detected only by Avast!). In my opinion submitting is the best way.