I have been using comodo firewall for some time now & compared to some of the paid for services & fee alternatives, I like comodo above them all. It can be a little annoying when installing & updating software with the pop ups to permit & allow but at least you know its doing its job. However I tried twice the comodo Anti-Virus & twice I was a little disappointed. I currently use Avast which is perfect with real time detection before virus’s & other bad software enter your system. However when I had comodo Anti-Virus it looked good, simple to use with some advanced features for more advanced users, however it persistently classed my mIRC.exe as a virus, my FarCry2.exe as a virus & other software I use and regardless to the settings I made to make it stop. After a reboot it did it again & the final straw was when it decided to class some WoW files as a Trojan & would only allow me to quarantine or delete which completely messed up my wow install.
But, if comodo team perfected it more & made it less sensitive to perfectly normal files then I would be very tempted to move to there comodo version.
But excellent job on the firewall side, got to be one of the best free firewalls about.
The AV kinda need a tune up.
They will release a very improved version of the AV some time soon for the public testing (I belive).
(if they hasnt already?)
Untill then I too would stick with an other AV.
But a legitime file to you may be a virus, or trojan, they sometimes inject their own code to other softwares, making duplicates, and making it harder to remove the pest without harming the system.
the current file keeps being fully functional, while also making it operate like a virus or something alike.
Anyway, it maby was a fake alert, and only allowing you to quarantine or delete sounds weird, you should have the option to “ignore (not recommended)”. But clicking Quarantine would be a nice choice, since it would been possible to recover the file(s) more easily that way…
Mirc is detected as Application.Win32.mIRC.621[ at ]787605 and is supposed to be added to AV exclusion list if the user willingly installed this application. ref:Re: Fasle positive : mIRC
Although there are some cases of False positives there are also cases where the user may be willing to customize CAVS detection settings to specifically account for the nature of the code and to not display an alert even in case it is a potentially unwanted/unsafe application thus logging or warning the users without requiring immediate attention.
Like EricJH suggested Comodo encourage user to report cases of False positives whereas the nature of the code was incorrectly detected (eg in cases where a specific signature that was meant for another executable was detected in an unrelated executable)