Yet another False Positive Windows\System32\nvdisp.exe Heur.Suspicious@19987002

I’m using CIS 3.9.95478.509 db1224, with Defense+ set in Clean PC mode, since Comodo has been on my PCs for what seems like six months or so. I shouldn’t have to put D+ into learning mode at this point, should I?

Anyhow, the report is that C:Windows\system32\nvdisp.exe is a virus, but when I sent the nvdisp.exe (nVidia driver) file to VirusScan.org, only CIS reported it as malware. See below. Per instructions, I will send the file to Comodo via email.

This, by the way, is also why CIS should let us submit quarrantined files to other scanners as well as to Comodo. That way we could quarrantine the file, get a quick answer from VirusScan and/or VirusTotal, and then release the file if it turns out to be a false positive without screwing up other processes on our systems.

VirSCAN.org Scanned Report :
Scanned time : 2009/06/01 01:48:41 (CST)
Scanner results: 3% Scanner(1/38) found malware!
File Name : nvudisp.exe
File Size : 446464 byte
File Type : PE32 executable for MS Windows (GUI) Intel 80386 32-bit
MD5 : 6b424c2e611ce924caaf3972017870cf
SHA1 : 98a47f178aa206be4c76d1da9c3942307eb41bbf
Online report : http://virscan.org/report/f290a8516a1950dffc28c03872ee6cd4.html

Scanner Engine Ver Sig Ver Sig Date Time Scan result
a-squared 4.0.0.32 20090531133844 2009-05-31 2.50 -
AhnLab V3 2009.05.30.00 2009.05.30 2009-05-30 0.74 -
AntiVir 8.2.0.180 7.1.4.40 2009-05-30 0.17 -
Antiy 2.0.18 20090531.2484531 2009-05-31 0.12 -
Arcavir 2009 200905310832 2009-05-31 0.07 -
Authentium 5.1.1 200905311104 2009-05-31 1.46 -
AVAST! 4.7.4 090530-0 2009-05-30 0.02 -
AVG 8.5.286 270.12.46/2145 2009-05-31 3.40 -
BitDefender 7.81008.3258474 7.25739 2009-05-31 2.93 -
CA (VET) 9.0.0.143 31.6.6526 2009-05-30 5.72 -
ClamAV 0.95.1 9406 2009-05-30 0.07 -
Comodo 3.9 1224 2009-05-31 0.76 Heur.Suspicious
CP Secure 1.1.0.715 2009.06.01 2009-06-01 9.78 -
Dr.Web 4.44.0.9170 2009.05.31 2009-05-31 4.72 -
F-Prot 4.4.4.56 20090531 2009-05-31 1.69 -
F-Secure 5.51.6100 2009.05.31.02 2009-05-31 0.10 -
Fortinet 2.81-3.117 10.451 2009-05-31 0.25 -
GData 19.5502/19.348 20090531 2009-05-31 4.28 -
ViRobot 20090529 2009.05.29 2009-05-29 0.41 -
Ikarus T3.1.01.57 2009.05.31.72798 2009-05-31 3.15 -
JiangMin 11.0.706 2009.05.31 2009-05-31 2.04 -
Kaspersky 5.5.10 2009.05.31 2009-05-31 0.08 -
KingSoft 2009.2.5.15 2009.5.31.21 2009-05-31 0.63 -
McAfee 5.3.00 5632 2009-05-31 3.00 -
Microsoft 1.4701 2009.05.29 2009-05-29 4.31 -
mks_vir 2.01 2009.05.31 2009-05-31 3.23 -
Norman 6.01.05 6.01.00 2009-05-29 4.01 -
Panda 9.05.01 2009.05.31 2009-05-31 1.75 -
Trend Micro 8.700-1004 6.158.36 2009-05-31 0.03 -
Quick Heal 10.00 2009.05.29 2009-05-29 1.30 -
Rising 20.0 21.31.64.00 2009-05-31 0.82 -
Sophos 2.87.1 4.42 2009-06-01 2.31 -
Sunbelt 5159 5159 2009-05-28 0.77 -
Symantec 1.3.0.24 20090531.003 2009-05-31 0.06 -
nProtect 20090528.02 3998376 2009-05-28 5.66 -
The Hacker 6.3.4.3 v00334 2009-05-28 0.62 -
VBA32 3.12.10.6 20090530.1313 2009-05-30 2.15 -
VirusBuster 4.5.11.10 10.106.5/1461099 2009-05-31 2.11 -