I have a suspicion there are many FPs . . .

I have been using SpybotS&D/w TeaTimer for many years, stopped using TeaTimer for maybe 6 mon. Have just recently restarted using TT again. Also have used some small programs from GRC dot Com and in the last couple of days Comodo’s AV has tagged those and some other as virus’ titled, “Heur.Suspicious.Attribs” (without the quotes) and several days ago my registry protector I have been using for many years by DiamondCS titled RegProt was detected as “Heur.Packed.Unknown” (without the quotes) and now they are within the Quarantined area. If I attempt to reinstall your RealTime monitor flashes a warning. I do not feel they are infected. None of my other virus, malware, rootkit scanners detect any problem with them.

How should I handle this believed NON-threat?

Thank you for reading my poster toaster,

Some thing for you to chew on, that is if there is not really a problem and are NOT really FPs.

I have over 16 that are on programs used by me for many years and none of my other scanning programs ID them as any threat. In my Quarantine folder are those files plus each has an additional file with an extension of .info which gives some particulars on them and they are all IDed as Heur.____._____ if you want I can give more exact details.

Also at the time of my posting of the below message my FF browser locked up and I could not do any more reading, that was in hopes of learning more. The only option was to use TaskManager to close FF and when I did a BSOD came up and the entire system was closed for the nite, went to bed. Spent the entire morning running my scanners to see what may have caused this crash, nothing was found. Malwarebytes’ Anti-Malware, SUPER AntiSpyWare, Comodo’s AV, Avira’s AntiVir, Spybot Search & Destroy, TeaTimer, RegProt, is a list of some of the programs I use.

Thank you for reading my roastery posted,

Hello! Those sounds legit. The heuristic only said that those are packed…

Un-quarantine those files would be my suggestion… send them to http://camas.comodo.com/ and http://virustotal.com/ see what they say, if they are not rated as suspicious, and only comodo labels them as virus…

Then report them here (or by email), and those FPs will be fixed in 48 hours, hopefully:


Read this about how to report FPs:


Thanks! =)

Sorry for all the trouble…

:slight_smile: :slight_smile:

Uhh you know what, just send them… :slight_smile: The heuristic are so poppy, most likely those are FPs… :slight_smile:

Could be bothersome to test them… Comodo will do that anyway to make sure those are FPs… Else they will most likely do a signature for it =)


Comodo has a feature built-in that I had not seen until later after my original post. You have several choices for how to handle some of those that are very suspiciously tagged as HEUR.. and seem to be legit. Quarantine, Ignore, Delete, and another and cannot remember what it is. Of course I chose to IGNORE several.

I will get to those links for forwarding FPs when I have the time. Attempting to work with two computers here and maybe a third later this week if all goes well. Trying to learn about LANs and multiple computer connections.

Thank you for agreeing with me and that fine suggestion,

P.S. Thank you for, and I quote, “Sorry for all the trouble…” now I know who to blame for all of my troubles, just joking. HA! HA! HA!

Oki doki! There is actually only one thread you need to post in… Was a bit hasty in all my copy pasting… =)

This one: https://forums.comodo.com/false_positivenegative_reporting_is_this_a_malware_that_cis_hasnot_detected-b154.0/

Good luck with that! Always good to learn more! I myself is learning some more about programming and how to make my girlfriend not hating me. :slight_smile:

hehe :wink: Next time I won’t say Sorry for all the trouble unless it was my fault something! =)