Re: COMODO Internet Security 3.10.102194.530 Bug Reports

Welcome to the Comodo Forum

Welcome, Guest. Please login or register.
December 24, 2009, 04:34:32 PM

344985 Posts
38085 Topics
86491 Members
Latest Member: solbuck

Welcome to the Comodo Forum

Desktop Security Products

Comodo Internet Security - CIS

Bug Report - CIS

False Positive/Negative reporting - (Is this a malware that CIS has/not detected?)

Re: COMODO Internet Security 3.10.102194.530 Bug Reports

« previous next »

Pages: [1]

Go Down

Print

Author

Topic: Re: COMODO Internet Security 3.10.102194.530 Bug Reports (Read 274 times)

jp10558

Comodo Family Member

Offline

Offline

Posts: 99

Re: COMODO Internet Security 3.10.102194.530 Bug Reports

« on: July 06, 2009, 01:16:04 PM »

Seems to be a few false positives immediately on install in the AV.

One is the PSEXESVC service, from SysInternals psexec tool to remotely start processes. It was found in C:\Windows\PSEXESVC.EXE - it is detected as Unclassified malware[at]8163993

The second appears to be part of ghostscript - used to view postscript files or generate PDFs by many free PDF printers. This one is in C:\gs\gs8.54\bin\gswin32.exe - this one is Huer.Suspicious[at]22637055

The others appear to be XenoCode settings which are web based VMs to run browsers for testing without installing them. They vary but are all Huer.Suspicious


	Logged

gmohan

Global Moderator
Comodo's Hero

Offline

Offline

Posts: 487

Re: COMODO Internet Security 3.10.102194.530 Bug Reports

« Reply #1 on: July 07, 2009, 03:11:09 AM »

Hi jp10558,

Quote from: jp10558 on July 06, 2009, 01:16:04 PM

Seems to be a few false positives immediately on install in the AV.

One is the PSEXESVC service, from SysInternals psexec tool to remotely start processes. It was found in C:\Windows\PSEXESVC.EXE - it is detected as Unclassified malware[at]8163993

The second appears to be part of ghostscript - used to view postscript files or generate PDFs by many free PDF printers. This one is in C:\gs\gs8.54\bin\gswin32.exe - this one is Huer.Suspicious[at]22637055

The others appear to be XenoCode settings which are web based VMs to run browsers for testing without installing them. They vary but are all Huer.Suspicious

The reported FP will be fixed in next updates.

Regards,
-Chandra Mohan


	Logged

gmohan

Global Moderator
Comodo's Hero

Offline

Offline

Posts: 487

Re: COMODO Internet Security 3.10.102194.530 Bug Reports

« Reply #2 on: July 07, 2009, 08:20:55 AM »

Hi jp10558,

Quote from: jp10558 on July 06, 2009, 01:16:04 PM

Seems to be a few false positives immediately on install in the AV.

One is the PSEXESVC service, from SysInternals psexec tool to remotely start processes. It was found in C:\Windows\PSEXESVC.EXE - it is detected as Unclassified malware[at]8163993

The second appears to be part of ghostscript - used to view postscript files or generate PDFs by many free PDF printers. This one is in C:\gs\gs8.54\bin\gswin32.exe - this one is Huer.Suspicious[at]22637055

The others appear to be XenoCode settings which are web based VMs to run browsers for testing without installing them. They vary but are all Huer.Suspicious

The reported FPs have been fixed in DB 1575.

-Chandra Mohan


	Logged

Tags:

Pages: [1]

Go Up

Print

« previous next »

Jump to:

SSL Certificate

Free Virus Removal

Firewall

Page created in 0.036 seconds with 18 queries.

Powered by SMF 1.1.11 | SMF © 2006, Simple Machines LLC
Seo4Smf v0.2 © Webmaster's Talks

Design by 7dana.com