I have Comodo Internet Security.
I was just informed by Comodo’s Antivirus that apparently an executable that I have
is infected with-
Heur.Pck.ExeShield
I googled this and every combination of this and absolutely nothing
(that wasn’t garbage) came up.
I think it is safe to assume that the first part means “Heuristic” (which means PROBABLY but not certainly a virus), the second part means “Pack?” (a packed virus?) and the third part means… ExeShield.
Personally I have never heard of ExeShield.
I googled Exeshield and some drm garbage came up.
I googled “ExeShield virus”, and again, nothing but garbage.
This is an executable I have used a handful of times. This laptop runs quite well, and is completely clean, except for whatever this is, if it even is a virus. I would prefer not deleting it, as it is a useful tool.
If anyone can tell me what this is, I would greatly appreciate it.
This is most likely a false positive. You can submit it like this.
Like many other AV’s, CIS can detect viruses two ways. One by signatures, which is kind of like the virus’s fingerprint that is stored in CIS’s virus database. There are millions of these sigs. in the database.
Heur. means that CIS’s heuristics found it. Since this technology is fairly new in CIS, there have been many false positives where safe files are flagged as dangerous. By submitting these, it can help COMODO improve the heuristics and fine tune it.
And the other names like ‘Pack’ and ‘ExeShield’ really have no meaning to the user becuase this is what COMODO named this particular virus and every AV company names them differently.
I was under the assumption that it was a false positive, but I decided to ask just in case.
Better safe than sorry as they say.
I actually questioned the file slightly, and was wondering what an “ExeShield” virus was and what kind of threat to system security it posed. I assume that COMODO labels the virus based on it’s intent, so I was wondering what an “ExeShield” was.
I will submit the file in question.
Thank you for your help with this.
