Topic: Bsectexp ( bootsectorexplorer from DiamondCS Website )

Regression
Malware Research Group
« on: December 13, 2009, 09:55:32 PM »


Quote
Almost all scanners detect that wrongly. That file is as dangerous as flypoo on your office desk. It's packed with a PRIVATE(!) version of Pec2 (Bitsum), hence a lot of "incorrect" heuristic detections, especially because the file is also small and makes some "strange" registry activity. However, the registry activity is based on the way Wayne reads/accesses the bootsector. Via Registry physicaldevice. Nothing wrong with that.

(Inspector Clouseau, AV Expert (VP Sunbelt Software), at http://www.wilderssecurity.com/showthread.php?t=185994&page=12)

FP
http://www.virustotal.com/en/analisis/1039a86536d273a79bfa04f9de5497f08894999219c9d3829b9bbbd99576fc8f-1255044489
http://www.threatexpert.com/report.aspx?md5=676f75abdb30d2d0b187b80aba6b657f

bootsectorexplorer from DiamondCS Website ... another false-positive.

hailong.wang
Global Moderator
« Reply #1 on: December 13, 2009, 10:13:42 PM »

Quote
bootsectorexplorer from DiamondCS Website ... another false-positive.

Hi Regression,

We are going to have a look at it and will get back to you after investigation.

Thanks and Regards,
hailong.wang

haja
« Reply #2 on: December 14, 2009, 01:49:20 AM »

Hi Regression,

Quote
bootsectorexplorer from DiamondCS Website ... another false-positive.

Reported FP has been fixed in DB 3237. Please update and confirm.

Regards,
Haja

Regression
Malware Research Group
« Reply #3 on: December 15, 2009, 05:57:43 AM »

Quote
Hi Regression,

Reported FP has been fixed in DB 3237. Please update and confirm.

Regards,
Haja

It is fixed. Confirmed. Thanks.