HM2 virusīs found - false positive?? (Comodo antivirus, VirusTotal scan)
Hello,
I ran a complete antivirus (AV) scan of my computer today. I use free Comodo Internet Security Premium, 8.0.0.4344, signatures were updated today. I have Windows 7, and HM2 2.0.0.8227.
(I know there is a newer version, I will download and install it, but I wanted to point out that several files might be still considered unsafe by several major antivirus companies.)
My Comodo AV found that there are 3 infected files -
C:\Holdem Manager 2\Blitz.dll
C:\Holdem Manager 2\HoldemManager.Infrastructure.Logging.dll
C:\Holdem Manager 2\StarsCommunicator.hm2
So I disabled my AV and tried to upload the files to online scanner - virustotal.
These are the results:
------------------------------------------
SHA256: 3b900006bd1b45d97f268fa75df828293b7a0fa13e65411442 737462d321c9ec
File name: Blitz.dll
Detection ratio: 14 / 55
Analysis date: 2014-12-28 01:14:12 UTC ( 5 days ago )
------------------------------------------
SHA256: 4346a54bcf73895b4059b78eea6f6313090559c8438eb553b7 965c152317c00c
File name: HoldemManager.Infrastructure.Logging.dll
Detection ratio: 1 / 55
Analysis date: 2014-09-29 06:47:41 UTC ( 3 month ago )
------------------------------------------
SHA256: 3350eab2455e69708199382610e64d67134bee2bf891215568 94c67f00b909cf
File name: 37e94ed9742b08476dd7029965f2e8a5_StarsCommunicator .hm2
Detection ratio: 27 / 55
Analysis date: 2014-12-03 02:59:08 UTC ( 1 month ago )
------------------------------------------
I tried to rescan the files andd I got almost the same results.
Were the 3 files above updated in the new release - higher than HM2 2.0.0.8227 ? If not, could you pls check the sha2 fingerprint of the correct files, so that I know that my files werenīt corrupted by virus? In such a case I would have to have my computer rescanned again from some bootable AV disk.
If it is OK, then I donīt have to worry, I can update HM2 and add an exception folder to my Comodo AV.
Thank you
Reply With Quote
