False Positive? Heur.Suspicious@76588732

During a scan, Comodo Internet Security picked something called Heur.Suspicious@76588732. It was found in C:\Nexon\Combat Arms\NMService.exe.

Personally, I think that this is a false positive as it was installed on the same date & around the same time I installed Combat Arms, which is a multiplayer FPS. However, to be on the safe side I’ve quarantined the file.

What do you think I should do?

submit the file through here Comodo Firewall | Get Best Personal Firewall Software for $29.99 A Year and give it a few days, unquarantine the file and scan once again, if it is fixed it will not pop up again.

I kind of did things differently after reading what you wrote. I went to the Quarantine & I used the Submit button to submit the file that way. Does that way work as well, or should I still do the method you suggested? I also un-quarantined the file & now for some reason Comodo Internet Security isn’t popping up a message saying that file has been detected as a virus. Maybe it’s because I submitted the file & for the time being it isn’t popping up with that message?

We are going to check it out and will get back to you shortly.But i suggest you upload the file to the link :Comodo Firewall | Get Best Personal Firewall Software for $29.99 A Year

Okay, things have gotten even more weird. When I double-click on the file to open it, I get this message:

“Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item.”

That makes no sense, because I’m the administrator of my computer. I even tried the run as administrator option & I got the same message.

When I try uploading the file, I get this message:

NMService You don't have permission to open this file.

Contact the file owner or an administrator to obtain permission.

Is there any possibility that quarantining the file & then removing it from quarantine somehow corrupted the file?

I think I read before that you lose permissions if you do not disable the antivirus when you remove a file from quarantine.

Will see if I can find it.


Edit Sorry could not find the post all I found was a post from the previous antivirus version, it suggested to disable the antivirus whilst submitting the file.


This FP has been fixed. Please check in virus signature <2990> database and confirm.

Erik M.

I just updated the virus database and as soon as I entered C:\Nexon\Combat Arms I got the pop-up saying NXService.exe has been identified as a virus.

I have added the file to My Own Safe Files as I highly doubt the file is a virus - I’m guessing it contains some sort of code that Comodo Internet Security is finding suspicious.

I have submitted the file using the “Submit Suspicious Files” feature in Comodo Internet Security. Hopefully that will help things.

Hello Jesant13,

This FP has been fixed. You may check in virus signature 3009 database and confirm.


I can confirm it has been - I manually scanned the file after actually re-installing Combat Arms (just in case removing the file from Quarantine while having the anti-virus enabled caused a problem) & CIS didn’t detect it as a virus.

Thanks for the help guys. :slight_smile: