Rootkit.HiddenValue@0 HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FlashUtil64_11_6_602_171_ActiveX.exe\DisableExceptionChainValidation
I looked at the value of the registry entry, and it was simply “0”.
Is the mere existence of this registry entry evidence of a rootkit? ???
It looks to me like a FP but please submit it to the Comodo for the analysis.
Should I do “Ignore → Report this to COMODO as a False Alert”, or should I submit this some other way?
Yes you can. After you submit it via CIS as you said you can make a FP topic here on the forum:
Or you can submit it here as well:
If you still want to know for sure if it’s a FP… It would be good to double check the file in:
http://camas.comodo.com/ (You can also submit it here… Comodo will get the file)
Welp. My computer restarted while I was sleeping, and it scans as being clean now, so maybe it was just something I had open at the time. Very strange!
Could be anything. I don’t think it’s down to this detection. I see. In that case you are safe and it’s def FP. By the looks of it… It’s an error or conflict with Comodo AV and Flash that’s why you got this FP.