JV16 Powertools

I’ve been using JV16 powertools for a few years. They have just come out with their 2011 version. Although the installation went well, when I tried to open the program I got a Defense+ alert stating that:

“jv16PT.exe tried to execute shellcode as a result of a possible buffer overflow attack”.

The webpage is here: http://www.macecraft.com/

Any ideas? The Macecraft board said to report it to you as a FP.

Hey and warm welcome to Comodo forums, cruelsister!

Add it here: CIS -> Defense+ -> Defense+ Settings -> Execution control Settings -> Detect shellcode injections (i.e. Buffer overflow protection) -> Exclusions -> Add -> Browse…

Regards,
Valentin N

Hi cruelsister,

We are going to have a look at it and will get back to you after investigation.

Thanks and Regards,
FangFang

MaceCraft states to exclude this program from any AV as it may report such an attack. Also excluding it will permit JV16 to function properly.
I use this software myself and it is a FP.

And I thought I would have to wait a day or so before a response! Thank you all.

Hi,
The sample <jv16pt_setup_hb.exe> (SHA1: ) you submitted as a false positive is not detected by Comodo Internet Security version <5.3.176757.1236> with database version <7737>. Please make sure the Antivirus database is updated and check again.
Regards,
fangfang

Mine also detected the shellcode execution FP during installation. AV is up-to-date.

It is not a FP as this is nothing to do with the AV.

Possible buffer overflow alerts are from Defense+

I can’t remember if I got it during installation, but I get it when I start the program.

http://www.macecraft.com/phpBB3/download/file.php?id=2640

Hi Lasse88,

Please upload this file to us via Forum, or HERE.
Thanks.

Kind Regards,
Erik M.

I have uploaded the file now.

In which way will sending the file help? This is a D+ alert and not an AV alert.

Thanks

Regards,
Valentin N

Hi, this is to inform you that the false positive with (SHA1: ) has been fixed. You can update to AV database version <7741> of Comodo Internet Security version <5.3.176757.1236> and confirm it.

Regards,
chenchunli
Comodo AntiVirus Lab
2011-2-20

Still buffer overflow.

Buffer overflow has nothing to do with the AV or D+. What it has to do with is the ■■■■■■ programming jv16 has done with their new version; they have to fix it. Comodo can’t do anything about it; the only thing you can do is add it to the buffer overflow exclusions.

Well, it’s them who are asking for it. 88) I’m just doing as they ask me to do.

I am sorry, but where this topic is, they are expected to ask for the file.

If you have further problems with Buffer overflow please post here Defense+ / Sandbox Help - CIS.

Topic locked. If the OP wishes it to be unlocked, please PM an online moderator.

Thank you

Dennis