b2e.exe & HIPS

Comodo Internet Security - CIS Defense+ / Sandbox Help - CIS
#1

i know i’ve mentioned this before but i’ll just tell my story again, i love talking ;D
at first i thought the problem is only between b2e.exe & CIS, but i have the same pop up problem with OA & PCtools firewall.

i have an inventory & sales management software called ND95. and i have another same function software called nesprint. i need to have both of them cos i use the ND95 for daily sales & inventory recording and then at the end of the day, i have to generate/convert the data into XML file & send it to webhost server using nesprint (i do it on daily basis)

ND95 (generate XML file) ==> nesprint (check & validate the file size) ==> server

now the issue with b2e.exe.
on nesprint, there’s this module called validation tool. it’s used for validating the XML files number & size to make sure i won’t send corrupted data.

the problem is, this validation tool executes different b2e.exe from different temp folder each time i open it. so every HIPS like product (Defense+, PCtools firewall, Online armor) always pop up asking me whether to allow or block it, and ticking remember won’t do any good since these b2e.exe are from different temp folder.it’s annoying 88)

i’ve googled for b2e.exe, and here’s the top 4 results:

  1. http://www.threatexpert.com/files/b2e.exe.html
    almost 50-50 chance that b2e.exe is malware ??? but i got this nesprint from Nestle Indonesia, no way they give me rouge software.

  2. http://www.prevx.com/filenames/1424080856057770477-0/B2E.EXE.html
    even more scary, it says Your PC may be infected. The presence of a file called B2E.EXE is a possible sign of infection. 88) no complaint on the prevX girl btw
    http://i41.tinypic.com/23it6yc.gif

http://www.whatsrunning.net/whatsrunning/QueryProcessID.aspx?Process=19925

this link’s offering free scan. not sure if it’s legit. pls tell me if it’s malware link, i’ll remove it

  1. https://forums.comodo.com/comodo_boclean_antimalware/false_positive_b2eexe_resolved-t24308.15.html
    BOClean thread ;D if you guys read it, BOC once flag b2e.exe but then remove it from signature. so it’s false positive.

now aren’t we confused 88)
one said it’s malware, the other one said it’s false positive, and one other gave you 50-50

(the current CIS AV still flag b2e.exe as malware btw)

so can anyone tells me, how do ppl with b2e.exe can survive without having too many HIPS pop up.
the only pop up free way i can think of is using CIS firewall only, not too bright idea,don’t you think? 88)

#2

Hi ganda,

Same tweak for many game problems.

Run your tool, In D+ pop up Allow and Remember.

Open CIS > D+ > Computer Security Policy > Add
Browse to the Temp folder with your b2e.exe
Before you Apply. Change the File path.
Put a wildcard in place of the part of the file path that changes each time.

So like C:\Windows\Temp\54321abblah\b2e.exe …becomes
C:\Windows\Temp*\b2e.exe

Then you can apply the rule and it will stick, and edit or make trusted etc.

Hope this helps you.
Later

#3

what?! that’s it!?! :o and here i am wasting my time downloading/reinstalling/uninstalling things.

thx bad-frogger :-TU i’ll try it tomorrow when i’m at my office :-TU

edit:
ow, if you don’t mind. i have PCtools firewall in this comp at home. do you know how to edit (add the wildcard) the rules on PCtools firewall? :a0 i can’t find it

#4

sorry I don’t know, that one.

#5

ok np :-*

redownloading CIS right now :-La

#6

OK, done! 8)
i have to treat both “wildcarded b2e.exe” & validation tool as windows system application to avoid popup. :-La thx! :-TU

ow, and i did the same to CIS AV exclusion list.
you’re a hero badfrogger :-* :-TU

thx again! (:HUG)

#7

Sounds Gandalicious :smiley: ;D

You are most welcome.

Later