DLDR-Games.D False Positive ? [Resolved]

I got this same DLDR-.D GAMES warning when I signed in tonight. Unfortunately I had no idea it was a FP and did what Boclean advised. I then found out it had shut off my AVG 7.5 Free Antivirus and as it also found it in a Win32 file it has also deleted that from the registry… Thinking my AV was compromised I then uninstalled the program, went online and downloaded a new one. I reinstalled the new AVG 7.5 Free Edition and during the installation process got the warning again from Boclean. When the installation finished I found that there was no AVG icon on my taskbar as before. I had the desktop icon and the Windows Security Center tells me that AVG is working. I then ran Autoruns and found out that AVG 7.5 has been removed from my startup programs. Excuse my ignorance but can someone explain to me what has happened and what do I do now? Again thanks in advance.
Bluesjunior.

I’ve been getting the same FP ever since I got today’s BOClean update (2007-05-21 12:10:34) and have already sent it to tech support, and like others have already stated, at every reboot it comes back. I hope they fix this FP soon.


05/21/2007 10:43:06: C:\WINDOWS\SYSTEM32\DRIVERS\AEC.SYS
Trojan horse was found in above file
DLDR-GAMES.D MALWARE STOPPED by BOCLEAN!
Logged in user:
Active trojan horse was shut down. System now safe.
Trojan horse was removed, registry cleaned.

Melih is looking into this last update.

Oh no!!! First it was found in AEC.sys here, so I booted in safemode to delete this file… hope everything will continue to work anyway. By the way, as I managed to delete aec.sys, BOClean started to warn about DMIO.sys instead. :-\

WOW, the quality of checking has gone down.
Yep, I got the same in my WINXP and now in VISTA I got Infocard.exe as a TROJAN DLDR-GAMES.D

The path is:
c:\windows\Microsoft.net\framework\v3.0\windows\communication foundation\infocard.exe

Come on NANCY AND KEVIN, KICK THOSE NOOBIES! They are beginning to cast a bad light on BoClean; this is the 2nd FP in 2 months! I have had BoClean since the 2001/2 era and I never had a FP prior to now.

I’m sure they are working very hard, though it is amazing that a component of AVG and a default component of the Vista OS were picked up…

Rotty, what happened with the other posts in this topic ??? Why are they deleted ??? With the merging of the topics there were many posts deleted too :frowning: Why is that ???

Why do Moderators just delete topics without even giving a reason :-\

Greetz, Red.

They were off topic and cluttering/confusing the issue.
Thanks for the help!

~cat~ please, think twice before you post :frowning:

Off topic ??? Because I said that the guy just found a new False Positive ??? What about researching the false positives and try to find the common factor ???

Lol :slight_smile: Many posts were deleted today, and I don’t think that is smart :wink:

Greetz, Red.

P.S. I filed a serious complaint about this to Melih.

Well, look what I started !!!

Seriously, I luckily did not delete the file, but did immediately do a Jotti, then posted ! The 1st CBOC FP a while back I did delete - learned from that !

Rather a FP than a slip-thru !

I had DLDR-GAMES.D found in C:\WINNT\system32\drivers\ipsec.sys. It appears as a valid MS file.

I did not delete the file. When I click examine report, it is empty. Should there be something in the report?

Thanks.

I just spent an hour panicking because I trust BOC. I had logged off from the internal network and when I logged on again all hell let loose.

05/22/2007 00:11:23: C:\WINDOWS\SYSTEM32\DRIVERS\AEC.SYS
Trojan horse was found in above file
DLDR-GAMES.D MALWARE STOPPED by BOCLEAN!
Logged in user: Me?
Active trojan horse was shut down. System now safe.
Trojan horse was removed, registry cleaned.

Then when you restart it does it again followed by

05/22/2007 00:22:02: C:\WINDOWS\SYSTEM32\DRIVERS\DMIO.SYS
Trojan horse was found in above file
DLDR-GAMES.D MALWARE STOPPED by BOCLEAN!
Logged in user: Me?
Active trojan horse was shut down. System now safe.
Trojan horse was removed, registry cleaned.

and

05/22/2007 00:22:39: C:\WINDOWS\SYSTEM32\DRIVERS\WANARP.SYS
Trojan horse was found in above file
DLDR-GAMES.D MALWARE STOPPED by BOCLEAN!
Logged in user: Me?
Active trojan horse was shut down. System now safe.
Trojan horse was removed, registry cleaned.

Which promptly shuts down McAfee Virus scan. Having downloaded that and reinstalled it twice it did it again!

Glad I am not the only one who found this place!
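
The log entries quoted in the post above, run through a small parser (an added example, not part of the original thread and not Comodo's code). It groups detections by signature name and lists any signature that fired on several distinct files, which is the pattern reported here for DLDR-GAMES.D; the function names and the `min_files` threshold are assumptions of this example, and a match is a prompt to verify the files, not proof of a false positive.

```python
import re
from collections import defaultdict

# First three lines of each log entry from the post above (abridged).
SAMPLE_LOG = r"""
05/22/2007 00:11:23: C:\WINDOWS\SYSTEM32\DRIVERS\AEC.SYS
Trojan horse was found in above file
DLDR-GAMES.D MALWARE STOPPED by BOCLEAN!
05/22/2007 00:22:02: C:\WINDOWS\SYSTEM32\DRIVERS\DMIO.SYS
Trojan horse was found in above file
DLDR-GAMES.D MALWARE STOPPED by BOCLEAN!
05/22/2007 00:22:39: C:\WINDOWS\SYSTEM32\DRIVERS\WANARP.SYS
Trojan horse was found in above file
DLDR-GAMES.D MALWARE STOPPED by BOCLEAN!
"""

# "MM/DD/YYYY HH:MM:SS: <path>" opens an entry; the signature line follows.
ENTRY = re.compile(r"^(\d{2}/\d{2}/\d{4} \d{2}:\d{2}:\d{2}): (.+)$")
NAME = re.compile(r"^(\S+) MALWARE STOPPED by BOCLEAN!$")


def parse_detections(text):
    """Return (timestamp, path, signature) tuples from a log in this format."""
    hits, current = [], None
    for raw in text.splitlines():
        line = raw.strip()
        entry = ENTRY.match(line)
        if entry:
            current = (entry.group(1), entry.group(2))
            continue
        name = NAME.match(line)
        if name and current:
            hits.append((current[0], current[1], name.group(1)))
            current = None  # ignore a stray signature line with no entry
    return hits


def suspect_signatures(hits, min_files=2):
    """Map each signature seen on >= min_files distinct files to those files."""
    files = defaultdict(set)
    for _, path, signature in hits:
        files[signature].add(path.upper())  # Windows paths: case-insensitive
    return {s: sorted(p) for s, p in files.items() if len(p) >= min_files}


if __name__ == "__main__":
    for sig, paths in suspect_signatures(parse_detections(SAMPLE_LOG)).items():
        print(f"{sig}: {len(paths)} distinct files, verify before deleting")
        for path in paths:
            print("   ", path)
```
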

It came up on me too. It kept coming up on me so I did a reformat. Got that done and reinstalled Boclean and got hit with the pop up again. Figured it was a false positive so went back to the image before I installed Boclean. Think I will hold off installing it again until things get fixed.

Me too

Hi Guys,
Got this too.
Message coming back on reboot no matter what you answer.
I do understand that this will be fixed. So I’m trying not to panic.
At the same time I want to add a short description because it differs a bit and/or may help some users and developers.
The message says:
Location of startup: FILE
/STARTUP

???
To make it short:
when I found nothing I can think of, scanning saying NO and restarting I did hit Yes.
Spybot S&D fires up a few screens notifying that NT run/startup/open entries are going to be removed which I denied. Spooky!!!
Then I searched for issues in registry. That was the last thing I’ve done at night before shutdown. No Issues were found at that time. This time there were 2 discrepancies missing DLL and ActiveX issue pointing here

[HKEY_CLASSES_ROOT\CLSID\{E5ABEB00-B357-4884-9949-77B2C71A7EE3}]
@="BoardCtl Class"
[HKEY_CLASSES_ROOT\CLSID\{E5ABEB00-B357-4884-9949-77B2C71A7EE3}\InprocServer32]
@="C:\WINDOWS\Downloaded Program Files\BoardID.dll"
"ThreadingModel"="Apartment"
[HKEY_CLASSES_ROOT\CLSID\{E5ABEB00-B357-4884-9949-77B2C71A7EE3}\ProgID]
@="BoardID.BoardCtl.1"
[HKEY_CLASSES_ROOT\CLSID\{E5ABEB00-B357-4884-9949-77B2C71A7EE3}\Programmable]
[HKEY_CLASSES_ROOT\CLSID\{E5ABEB00-B357-4884-9949-77B2C71A7EE3}\TypeLib]
@="{A291304A-A32B-43E3-9837-E736DCD49420}"
[HKEY_CLASSES_ROOT\CLSID\{E5ABEB00-B357-4884-9949-77B2C71A7EE3}\VersionIndependentProgID]
@="BoardID.BoardCtl"

So it looks like some components belonging to my new Intel Mobo were deleted.
The only hope is that the location is “downloaded files” and whatever I installed still working. Am I sure? … NOT Really… (:SAD)
Thanks

Hey,

There is more info about this issue here:

https://forums.comodo.com/index.php/topic,9036.0.html

SD.

(CNY)

Thank you for the update fix.
All is well for me now. (:CLP)

Hey,

Just got my update at 6 am (UK time) and this looks like it has sorted that issue out.

Well done to Comodo but maybe next time could it be a bit quicker??

SD.

(CNY)

when you say that “the Location of startup: FILE/STARTUP message keeps coming back”, what do you mean? where are you seeing this message?

from your post, it sounds like there was a conflict between spybot’s “teatimer” and BOC’s cleaning… maybe your not allowing BOC’s cleaning to run properly created a problem…

if you want to let BOC’s cleaning fully run and see if that straightens out the problem, you can run GRC’s “leaktest” and then let BOC do its cleaning, with spybot’s “teatimer” disabled, so that it doesn’t interfere with BOC’s cleaning… however, it is possible that c-boc 4.23 could trash your “winsock”, unless you have BOC set to not clean winsock…

if BOC trashes your “winsock”, you could try repairing it… to repair “winsock”, use “command prompt” and type “netsh winsock reset catalog” (minus quotations) and then press “enter”…

the intel motherboard thing that was “deleted” was an activex control that i presume you downloaded from the intel website, for identifying what motherboard you have… if you want to restore the intel activex control, go back to the intel website and download the activex control, again…

personally, i disable all of BOC’s cleaning-options so that it does not remove my HOSTS file or my activex controls, or strip my settings in IE, however that might not be a good idea, for others…

RedNose: I actually was NOT responsible for that (:WAV)

Moderation (Unpaid-Volunteer) is a very hard job, decisions must be made and lines drawn. Not everyone is going to agree with the lines drawn and decisions made.