Curious Files After Installing v8.0

I mentioned this in the general release thread. I’m curious as to what these files are for. They kept being alerted by D+. The file names differ from two different installations.

https://forums.comodo.com/news-announcements-feedback-cis/comodo-internet-security-8004337-is-released-t108001.0.html;msg784702#msg784702

[attachment deleted by admin]

==Bump==

==Bumpity-Bump==

Can you see what process is starting these files?

Not anymore. I deleted them, but kept copies (attached). When I installed CIS 8.0 on two machines, I noticed them because D+ kept flagging them. I checked their properties and they are Comodo files. That’s all I can remember. I just thought others would have them on their system and could comment.

I attached my logs.

[attachment deleted by admin]

I checked their file hashes and they are the same. The Details tab learns us they are related to v7.0.317799.4142.

May be you could check with Autoruns to see if there are references to these files. Something appears to be them starting them.

How do I do that? I’m not familiar with Autoruns. The files weren’t left over from v7.0. Their file date corresponded with the v8.0 installation. When I found them on the first v8.0 installation, I made sure they were not present before I did the second installation. After the second installation, they were present.

I ran AutoRun Analyzer in CCE and found a Scheduled Task entry. It is highlighted in blue in the attached screenshot.

\CIS_{15198508-521A-4D69-8E5B-B94A6CCFF805} File not found: C:\ProgramData\cisC42A.exe

[attachment deleted by admin]

On what Windows version did this happen?

I just a clean install of CIS v8 but I do not have this file or a reference in Task Scheduler. I am using Windows 8.1.1 x64.

Are there others also experiencing this?

1) Win7 Pro SP1 64bit on both installations.

2) I don’t know.

=Bump=

I don’t know what these files do but when I trying to be practical about it I would say try disabling the autoruns and see if that makes a difference or not.

I was just wanting to know what they were for. I have deleted the files and deleted the autoruns entry through Killswitch. I no longer have a problem with the files. Just wondered about their existence.