Unclassified Malware@8360451

CAV is reporting C:\SWSETUP\MedCtrFP\Extras\ESPN\motionsetupmce.exe as unclassified malware. I think this is a false positive since the files in SWSETUP come with HP computers. No other scanners such as Malwarebytes or SuperAntiSpyware detect this file as a threat. Norton 2009 did not either.

I’m using CIS 3.8.65951.477 with database 1147 on XP Media Center Edition SP3.

Hi Dch48,

We are going to have a look at it.
We will get back to you after investigation.

Regards,
-Chandra Mohan

I appear to have a related problem. I also am using CIS 3.8.65951.477 but with database 1149.

DATE

Today: Monday, 2009, May 4

SYSTEM

HP Pavilion dv7-1243d
Windows Vista Home Premium

REPORTED MALWARE

Heur.Packed.Unknown C:\SwSetup\MSDVD\Data1.cab:_E96E9B9D25DEBAD8DAE4E6EAD0944D05
Heur.Packed.Unknown C:\SwSetup\MSDVD\Data1.cab:_08A14B7BCA584194BEBD4DF76D784491
Heur.Packed.Unknown C:\SwSetup\MSDVD\Data1.cab:_E178A527178641C29E549470BFC1B08D
Heur.Pck.RLPack C:\SwSetup\MSDVD\Data1.cab:_9F24A3C8D76E4653BC0549D285EDE783
Heur.Pck.RLPack C:\SwSetup\MSDVD\Data1.cab:_A54E795D57654041918510582CD0A8AF
Heur.Pck.RLPack C:\SwSetup\MSDVD\Data1.cab:_AFA8AD080C8044248943B51909200CBE
Heur.Pck.RLPack C:\SwSetup\MSDVD\Data1.cab:_152CAF6665074E3FB6A75941644A7A9C
Heur.Pck.RLPack C:\SwSetup\MSDVD\Data1.cab:_E51D107C6EDA43EFBB3F083BFAB4CC71
Heur.Packed.Unknown C:\SwSetup\MSDVD\Data1.cab:_9FF6596EFE40400EAA5B4F45F393CDF1
Heur.Packed.Unknown C:\SwSetup\MSDVD\Data1.cab:_EC7FA41FD4F64E22A95020BB84EAE66C
Heur.Packed.Unknown C:\SwSetup\MSDVD\Data1.cab:_E40C7EC5088740D0A4BD9EF706FECEBB
Heur.Packed.Unknown C:\SwSetup\MSDVD\Data1.cab:_F096ACEF6FB349048640C481BEDA2007

James

Hi JamesOnTheWay,

Please submit the mentioned samples to the forum.
For more info on submission of files, please check this link:
https://forums.comodo.com/false_positivenegative_reporting_is_this_a_malware_that_cis_hasnot_detected/how_to_report_false_positivessuspicious_files_how_to_submit_them-t36051.0.html

Regards,
-Chandra Mohan

Upload the files to http://www.virustotal.com and see what other AVs say.

edit: can’t spell :smiley:

The link is wrong; you left out the u in virus. It should be http://www.virustotal.com

With the latest CAV database, the file I submitted is now classified as --Application.W32.AdWare.Digstream.g@8360451.
I guess this means it does contain some form of adware and/or spyware. Virustotal only reports it being detected by 4 or 5 of the other antivirus scanners, most of which I have never heard of. The major ones are still not detecting it as a threat.