- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
08-12-2017 09:16 AM
Hi There,
Not sure what's the right place to report this false-positive.
I would like to draw urgent attention of Paloalto Networks staff to resolve following false-positive on one of Comodo Internet Security files:
Virus Total (1/64)
https://www.virustotal.com/en/file/f80c084dc4747b8fee70ac4028e9b734cbc8aa3aea230b24fa9740da44ffcec1/...
We will appreciate if you could please resolve it asap.
Thanks
-umesh
comodo.com Staff
08-12-2017 10:14 AM
Hi,
How to Submit an Anti-Virus False Positive:
How to Submit a Vulnerability Signature False Positive:
08-12-2017 04:40 PM
Hi Mate,
Downloaded same, which triggerred a wildfire upload and its been marked as benign by the threat analysis cloud. So its not been classed as malicious now anyway.
Best regards,
Rob
08-20-2017 04:34 PM
Hi,
I have verified afresh on virus-total and still see it detected as of 20th Aug, 2017, 7:30 PM EST:
Please re-check.
Thanks
-umesh
08-21-2017 09:56 AM
Have you actually tried this from wildfire itself to verify directly. I wouldn't exactly trust virustotal to give you the proper verdict that WildFire actually generates.
If you can get it to show up as malicious or grayware in WildFire it's pretty easy to request a verdict change, seeing as people who have already tested it report that it's beneign in an actual enviroment I really wouldn't worry about it.
08-21-2017 10:57 AM
We also have our own Comodo Antivirus product and understand how Virus Total works.
We are also present on Virustotal.
At times people upload files to Virustotal and go by that.
So i will request PaloAlto team to scan the file and resolve the false-positive.
Thanks
-umesh
08-21-2017 11:17 AM
I do not work for paloalto, so this is ot an official statement, but I don't know if this community forum (even if there are people from palo here) is the right place to request something like that ...
08-21-2017 02:18 PM
Possible to point to me download location of their product for consumer?
Thanks
-umesh
08-21-2017 02:34 PM
I just noticed that you have not posted this under the VirusTotal discussion. That forum is the proper place for this type of submission, although I can not actually verify the forum is activly watch any longer.
https://live.paloaltonetworks.com/t5/VirusTotal/bd-p/VirusTotal_Discussions
File Hash: <hash>
Link to Virustotal report for the file: <link>
Current VirustTotal Verdict: <verdict>
Description: <description>
That being said what was suggested by @TranceforLife would have worked perfectly fine in this instance, as WildFire recognizes the file as benign already as verified for you by @DonohoeRobert. It appears however from your last reply that you have not taken action on the info Trance has given you, which would continue to be the recommended course of action.
08-21-2017 03:57 PM
Thanks BPry,
I have posted in there:
https://live.paloaltonetworks.com/t5/VirusTotal/False-positive-on-comodo/m-p/172480#M185
Reharding:
"That being said what was suggested by @TranceforLife would have worked perfectly fine in this instance, as WildFire recognizes the file as benign already as verified for you by @DonohoeRobert. It appears however from your last reply that you have not taken action on the info Trance has given you, which would continue to be the recommended course of action. "
We want detection to be removed from VirusTotal, as that creates wrong perception.
I hope someone from paloaltonetworks.com will look into it.
Thanks
-umesh
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!