Paq Keylog 5.0

Not sure if this is a joke, false positive or what, but I thought I’d report it here. I installed the new Comodo Professional Firewall today and had been surfing. I had run SpyWare Doctor just a little while ago, Inteli-Scan and nothing was picked up. I then updated my definitions with PestPatrol and picked up “Paq Keylog 5.0” which was in the Comodo directory. I looked this up and got this information:
" Key Logger: (Keystroke Logger). A program that runs in the background, recording all the keystrokes. Once keystrokes are logged, they are hidden in the machine for later retrieval, or shipped raw to the attacker. The attacker then peruses them carefully in the hopes of either finding passwords, or possibly other useful information that could be used to compromise the system or be used in a social engineering attack. For example, a key logger will reveal the contents of all e-mail composed by the user. Keylog programs are commonly included in rootkits and RATs (remote administration trojans). "
I’m not sure what it going on but an explanation might be in order. If this is some type of false positive then that would be good to know as well.

http://img.photobucket.com/albums/v395/SuperH18/paqkeylog.jpg

We had reports of this.
Its a definite False Positive.
Pls get in touch with the relevant vendor to fix this False reporting.
thanks

Melih

Thanks for the reply. I really like the new firewall. Unfortunate to see this fale positive come up, especially with a key logger or any sort. Very suspicious and dangerous. I will contact eTrust regarding the PestPatrol scan tonight ASAP… :slight_smile:

great thanks…
its not the first time they got an FP on Comodo btw :wink:

Melih

I just finished sending eTrust the information regarding this situation.

Thanks

Lets hope they are as fast as us :slight_smile:

Melih

I had the exact same issue as the OP. I downloaded the newest version of Comodo firewall just a few days ago. I ran a scan using Spyware Doctor tonight, nothing showed, I then ran a scan using CA pestpatrol and the paq keylog 5.0 showed up. Funny that noting showed up yesterday or the day before using pestpatrol. I will also contact CA

BTW: how do we really know it’s a FP?? I really hope it is!

very simple: ask the company who is reporting it as a false positive, i am sure they will confirm…

Melih