Comodo detects ReadReg.exe as Suspicious@#1pjbssbu3nriu
I have had the latest version (1.2) installed for about 4 days now. Prior to installing this software, I have not installed any new programs for awhile. So...
Starting about 3 hours after I installed the MuseScore software, Comodo started reporting a program was acting suspicious. It was called ReadReg.exe. Each time ReadReg.exe was detected the executable was found in a different directory in my temp folder.
Some examples are:
C:\Documents and Settings\Jim\Local Settings\Temp\CDM\{F0FCBEDF-C6b9-474c-A068-207Ac575C0D9}\Common\i386\ReadReg.exe
C:\Documents and Settings\Jim\Local Settings\Temp\CDM\{1AECDF36-4212-4F01-BC93-1BC123D9F934}\Common\i386\ReadReg.exe
My hope here is that this behavior is behavior by design of the MuseScore software program and that Comodo just has no clue yet that this software behavior is safe and to not complain when the software attempts to perform this action.
Could someone clarify for me if this is expected behavior of the MuseScore software and that I should submit this action/behavior to Comodo so they will not flag this in the future.
In the mean time, I have uninstalled the software and Comodo has not complained yet.
Thank You
Comments
Sounds more like a Comodo update is detecting a false positive. MuseScore has no such exe as Readreg.
In reply to Sounds more like a Comodo by schepers
Or the place where you obtained MuseScore had an infected version. Make sure to take it from MusesScore's Download page
In reply to Or the place where you by Jojo-Schmitz
In case you did not download MuseScore via musescore.org or sourceforge.net, please let us know from where you downloaded it from. This way we can act and get the malware removed. Thank you for your help.
In reply to External source? by Thomas
The following URL is where I downloaded the file from. I found it by following the Free Download link located on the MuseScore website.
http://downloads.sourceforge.net/project/mscore/mscore/MuseScore-1.2/Mu…
A little digging on Google has unearthed the information that ReadReg.exe is associated with Creative applications.
Is your soundcard a Creative Soundblaster or similar??
In reply to A little digging on Google by ChurchOrganist
Yes, it is a Creative Live 5.1. Using the Microsoft provided Windows XP device drivers.
I have used this same sound card, Windows XP, Comodo combination for years. Not sure why Comodo would start complaining about this setup now.
Since this MuseScore program interacts with my sound card. ie: outputs audio. Is their any chance that the way MuseScore interacts with my sound card could be causing the ReadReg.exe program to misbehave?
In reply to Yes, it is a Creative Live by jlucas
In that case have a look at this conversation on the Comodo forums.
https://forums.comodo.com/empty-t46889.0.html
and this one from the Creative forum
http://forums.creative.com/archive/index.php?t-553847.html