Re: COMODO Internet Security 3.10.102194.530 Bug Reports

Welcome to the Comodo Forum

Welcome, Guest. Please login or register.
November 24, 2009, 08:12:57 PM

337450 Posts
37347 Topics
84691 Members
Latest Member: bluewoof

Welcome to the Comodo Forum

Desktop Security Products

Comodo Internet Security - CIS

Bug Report - CIS

False Positive/Negative reporting - (Is this a malware that CIS has/not detected?)

Re: COMODO Internet Security 3.10.102194.530 Bug Reports

« previous next »

Pages: [1]

Go Down

Print

Author

Topic: Re: COMODO Internet Security 3.10.102194.530 Bug Reports (Read 267 times)

jp10558

Comodo Family Member

Offline

Offline

Posts: 99

Re: COMODO Internet Security 3.10.102194.530 Bug Reports

« on: July 06, 2009, 01:16:04 PM »

Seems to be a few false positives immediately on install in the AV.

One is the PSEXESVC service, from SysInternals psexec tool to remotely start processes. It was found in C:\Windows\PSEXESVC.EXE - it is detected as Unclassified malware[at]8163993

The second appears to be part of ghostscript - used to view postscript files or generate PDFs by many free PDF printers. This one is in C:\gs\gs8.54\bin\gswin32.exe - this one is Huer.Suspicious[at]22637055

The others appear to be XenoCode settings which are web based VMs to run browsers for testing without installing them. They vary but are all Huer.Suspicious


	Logged

gmohan

Global Moderator
Comodo's Hero

Offline

Offline

Posts: 487

Re: COMODO Internet Security 3.10.102194.530 Bug Reports

« Reply #1 on: July 07, 2009, 03:11:09 AM »

Hi jp10558,

Quote from: jp10558 on July 06, 2009, 01:16:04 PM

Seems to be a few false positives immediately on install in the AV.

One is the PSEXESVC service, from SysInternals psexec tool to remotely start processes. It was found in C:\Windows\PSEXESVC.EXE - it is detected as Unclassified malware[at]8163993

The second appears to be part of ghostscript - used to view postscript files or generate PDFs by many free PDF printers. This one is in C:\gs\gs8.54\bin\gswin32.exe - this one is Huer.Suspicious[at]22637055

The others appear to be XenoCode settings which are web based VMs to run browsers for testing without installing them. They vary but are all Huer.Suspicious

The reported FP will be fixed in next updates.

Regards,
-Chandra Mohan


	Logged

gmohan

Global Moderator
Comodo's Hero

Offline

Offline

Posts: 487

Re: COMODO Internet Security 3.10.102194.530 Bug Reports

« Reply #2 on: July 07, 2009, 08:20:55 AM »

Hi jp10558,

Quote from: jp10558 on July 06, 2009, 01:16:04 PM

Seems to be a few false positives immediately on install in the AV.

One is the PSEXESVC service, from SysInternals psexec tool to remotely start processes. It was found in C:\Windows\PSEXESVC.EXE - it is detected as Unclassified malware[at]8163993

The second appears to be part of ghostscript - used to view postscript files or generate PDFs by many free PDF printers. This one is in C:\gs\gs8.54\bin\gswin32.exe - this one is Huer.Suspicious[at]22637055

The others appear to be XenoCode settings which are web based VMs to run browsers for testing without installing them. They vary but are all Huer.Suspicious

The reported FPs have been fixed in DB 1575.

-Chandra Mohan


	Logged

Tags:

Pages: [1]

Go Up

Print

« previous next »

Jump to:

SSL Certificate

Free Virus Removal

Firewall

Page created in 0.067 seconds with 18 queries.

Powered by SMF 1.1.10 | SMF © 2006, Simple Machines LLC
Seo4Smf v0.2 © Webmaster's Talks

Design by 7dana.com