UltraVNC setpasswd.exe a Trojan?

For some reason the AV is detecting C:\Program Files\UltraVNC\setpasswd.exe as TrojWare.Win32.ButeRat.PP@288352594, checked the file on virustotal and only Comodo AV comes up with a hit, so I’m thing this is a false positive.

Just wondering if anyone else is getting this?

Can you please upload the file which is being detected to VirusTotal and post a link to the results?

Thank you.

Here the VirusTotal report VirusTotal

Hi,aim4it

Thank you for reporting this.
We’ll check it and get back to you soon.

Best regards
Chunli.chen

Hi aim4it,

This is to inform you that false-positive has been fixed.
You can update to AV database Version <14229> of Comodo Internet Security Version<5.12.256249.2599> and confirm it.

Regards,
Ponmalar.S

I am getting the exact same problem. I am running 5.12.256249.2599 with database 14456, but it still shows the false positive.

Uploading the file to VirusTotal told me that it had already been uploaded, detailing aim4it’s upload. However, I uploaded it again, and found that only Comodo flagged it as bad. Here is my log:

It would be great if you could have another look at this, as it does seem to be a false positive.

Hello scrollingbanner,

Thank you for reporting this. We’ll check it and get back to you soon.

Best regards,
FlorinG

Hi scrollingbanner ,

This is to inform you that false-positive has been fixed.
You can update to AV database Version <14464> of Comodo Internet Security Version<5.12.256249.2599> and confirm it.

Best regards
Qiuhui.■■■■

I am this problem too!

setpasswd.exe is on the UltraVNC 1.1.8 installer, or archives for x64 and x86 system.

Can you look for all ?

Thanks in advance,

Regards,

Neustradamus

Hi Neustradamus,

Thank you for reporting this. We’ll check it and get back to you soon.

Kind Regards,
Erik M.

Thanks Erik !

I think that it is good for previous versions but you can look in the same time :wink:

Regards,

Neustradamus

Hi Neustradamus,

This is to inform you that false-positive has been fixed.
You can update to AV database Version <14474> of Comodo Internet Security Version<5.12.256249.2599> and confirm it.

Kind Regards,
Erik M.

Hello all ,

got same issue for a long while.

trying yo download and use this file ;

and when i am trying to UNRAR it after my download comodo says it has malicious file detected
TrojWare.Win32.ButeRat.PP .

i have Product version 5.12.256.249.2599
Database version : 15150

pls fix it or check the file above ( pls you dowload it and check ) and tell us its SAFE or NOT .

Many thanks !!!

Hi zenci37,

Thank you for reporting this. We’ll check it and get back to you soon.

Kind Regards,
Erik M.

Hi, it still come up as “Heur.Suspicious” after cloud checking
(attached screen)

http://camas.comodo.com/cgi-bin/submit?file=2af7401dc1ebf58ba7e41d21cf13185e0c70c639e874212a0f89e1b2d181b6a2

[attachment deleted by admin]

Hi,spywar

Thank you for your submission.
We’ll check it.

Best regards
Chunli.chen

Hi,zenci37

This is to inform you that false-positive has been fixed.
You can update to AV database Version <15153> of Comodo Internet Security Version<5.12.256249.2599> and confirm it.

Best regards
Chunli.chen

Hello ,

Thank you ;D