[FIXED] pyl18.tmp.exe - Heur.Dual.Extensions

Welcome to the Comodo Forum

Welcome, Guest. Please login or register.
December 27, 2009, 06:46:25 AM

345478 Posts
38155 Topics
86643 Members
Latest Member: rubbe

more news...

Welcome to the Comodo Forum

Desktop Security Products

Comodo Internet Security - CIS

Bug Report - CIS

False Positive/Negative reporting - (Is this a malware that CIS has/not detected?)

[FIXED] pyl18.tmp.exe - Heur.Dual.Extensions

« previous next »

Pages: [1]

Author

Topic: [FIXED] pyl18.tmp.exe - Heur.Dual.Extensions (Read 863 times)

fOrTy_7

Comodo's Hero

Offline

Posts: 341

[FIXED] pyl18.tmp.exe - Heur.Dual.Extensions

« on: July 05, 2009, 04:51:15 AM »

CIS version: 3.10.102194.530
DB version: 1546
Heuristics: Low

Heur.Dual.Extensions %tmp%\pyl18.tmp.exe VirusTotal


« Last Edit: July 10, 2009, 08:27:12 AM by fOrTy_7 »	Logged

Windows XP Pro SP3 32-bit
Comodo Internet Security 3.13.121240.574

hailong.wang

Global Moderator
Comodo's Hero

Offline

Posts: 520

Re: [FP] pyl18.tmp.exe - Heur.Dual.Extensions

« Reply #1 on: July 05, 2009, 10:12:21 PM »

Quote from: fOrTy_7 on July 05, 2009, 04:51:15 AM

CIS version: 3.10.102194.530
DB version: 1546
Heuristics: Low

Heur.Dual.Extensions %tmp%\pyl18.tmp.exe VirusTotal

Hi fOrTy_7，

We are going to have a look at it and will get back to you after investigation.

Regards,
hailong.wang


	Logged

hailong.wang

Global Moderator
Comodo's Hero

Offline

Posts: 520

Re: [FP] pyl18.tmp.exe - Heur.Dual.Extensions

« Reply #2 on: July 05, 2009, 10:37:26 PM »

Hi fOrTy_7，

The samples you offered can't be run，and an error occured“libgcj_s.dll is missing”.so can u pls offer the software’s name or the link?

Regards,
hailong.wang


	Logged

fOrTy_7

Comodo's Hero

Offline

Posts: 341

Re: [FP] pyl18.tmp.exe - Heur.Dual.Extensions

« Reply #3 on: July 06, 2009, 05:14:45 AM »

Quote from: hailong.wang on July 05, 2009, 10:37:26 PM

The samples you offered can't be run，and an error occured“libgcj_s.dll is missing”.so can u pls offer the software’s name or the link?

I'm afraid I cannot help you much more. I don't know from where I got this file or by which software it could be created. The mentioned file was stored in temporary files folder under my user profile folder on Windows XP.


	Logged

Windows XP Pro SP3 32-bit
Comodo Internet Security 3.13.121240.574

Endymion

Comodo's Hero

Offline

Posts: 971

Reality is subordinate to perception

Re: [FP] pyl18.tmp.exe - Heur.Dual.Extensions

« Reply #4 on: July 06, 2009, 05:24:15 AM »

That exe was seemingly generated by wubi installer for Ubuntu http://wubi-installer.org/


« Last Edit: July 06, 2009, 05:28:52 AM by Endymion »	Logged

I have learnt silence from the talkative, toleration from the intolerant, and kindness from the unkind; yet strange, I am ungrateful to these teachers.

Kahlil Gibran (1883 - 1931)

fOrTy_7

Comodo's Hero

Offline

Posts: 341

Re: [FP] pyl18.tmp.exe - Heur.Dual.Extensions

« Reply #5 on: July 06, 2009, 05:50:28 AM »

Quote from: Endymion on July 06, 2009, 05:24:15 AM

That exe was seemingly generated by wubi installer for Ubuntu http://wubi-installer.org/

That's correct. I've got Kubuntu 9.04 x86 on CD. I'm using it mostly as the LiveCD. Anyway, the mentioned process is an autorun GUI menu. The filename seems to be random but the MD5 is the same.

Endymion, thanks for the hint. Thumb Up


« Last Edit: July 08, 2009, 02:38:57 AM by fOrTy_7 »	Logged

Windows XP Pro SP3 32-bit
Comodo Internet Security 3.13.121240.574

Endymion

Comodo's Hero

Offline

Posts: 971

Reality is subordinate to perception

Re: [FP] pyl18.tmp.exe - Heur.Dual.Extensions

« Reply #6 on: July 06, 2009, 06:38:21 AM »

Quote from: fOrTy_7 on July 06, 2009, 05:50:28 AM

Endymion, thanks for the hint. Thumb Up

You're welcome


	Logged

I have learnt silence from the talkative, toleration from the intolerant, and kindness from the unkind; yet strange, I am ungrateful to these teachers.

Kahlil Gibran (1883 - 1931)

shaogang.he

Global Moderator
Comodo's Hero

Offline

Posts: 239