This is enough!

False positive again … I dont know what is happening with the new version?? I wont use it anymore and go back to avast. Maybe it is not protecting ''100% ! ‘’ but it gives me confidence.

[attachment deleted by admin]

that has never happened to me.


the icon of taskmngr proof its not a false positive.

To ilkerol, I personally would not rush to any conclusions until you have it checked further. Good luck and Kind regards

upload the file to virus total and see what it gives you, I can almost bet you are infected. I have never seen CIS give a FP on a core windows file.

Say, is it ORIGINAL windows or modified one, like I dunno, say, windows xp diamond edition 2009 or something? If it is a modified one, then CIS is working as it should because it is a modified exe and not one from Microsoft.

CIS may not be giving FP’s on core windows file but FP’s are still higher than normal. Like I didn’t get any FP’s for windows files but my laptop is Dell & I have got Dell related FP’s & Dell files are also important as windows files.

I have got Fp’s for Dell Network Internal Card, Dell Network Internal Card Lanuncher, Dell Power Management Component - this one today.

I have submitted all through web interface & the FP’s got solved.

But yes FP’s need to control especially Heur & Unclassified & even signatures give FP’s.

I dont know how the upcoming behaviour blocker will be if after year & half the antivirus FP’s problem is still there. Many safe & common problems are also sometimes detected as malware.

Like I had FP’s with Secure Zip, Web Income Tax Forms, one was related to microsoft that I dont remember, etc.

This number of FP’s & the default antivirus action being clean, imagine problems for average users clicking clean.

Hope the new DACS will not be FP"s prone.


1: Set Heuristics to LOW
2: Cleaning is not a default action, but can be set up to auto quarantine so it is still recoverable…

Unclassified malware are signatures -,-

Due of packers.

Again packers.



I always talk from view point of average users. I consider myself an average user. So no change in settings i.e default settings, that means heur - low.

On Antivirus Alert Clean is the Visible action button so from average users view point Clean is the default action button which is wrong & dangerous, Quarantine should be the visible button.

The reason you gave me was PACKERS. Ok no other antiviruses I tried ever gave me FP’s on these files. So I guess packer detection in comodo is weak & FP prone. Should be improved.

Dell related files are not packers as you mentioned. So definately FP’s on good & trusted files by CAV.

I appreciate CIS & its an excellent product but the things I shared here are from personal experience.

I know there are people who have mentioned they haven’t got any FP’s yet. They may be lucky but I & many others posting in AV False Positive Thread have got FP’s higher than normal, on safe softwares, etc.

So whatever they are simple files or packers FP’s should be controlled. AND CAV needs to be improved in every aspects & it shouldn’t be in CIS for only one aspect i.e Usability.


Did you update the database at least one time after installation process before you’ve got this warning ? It looks like a possible virut variant infection but I doubt… perhaps just another weird FP related to a localised file version watch eventually this very old page about someone talking about the same unclassified malware[at]9722205.

For the rest Do or do not it is your choice ( like Heuristics level, report or feedback … btw look at this rcimlby report ) but it looks like you want to jump out of the frying pan into the fire ( again) :wink:

I like version 5 as soon as it is configured & trained even with my thousands of suspicious/dangerous files… I’ve got very few alerts myself now mostly with some weird spying provider files & some of these HP funky dlls I recently update.


These False Positives have been fixed. You can update to Virus Signature Database version 6303 and confirm it.

Best regards,

Hi ilkerol,

CIS treats every Windows file as safe and does not and can not cause False Positive in any Windows file.
This file’s integrity seems to have been compromised for resources (e.g. application icon) although behavior has been found to be non-malicious.