After opening this installer for a game called “Battle of Destiny”, I got these:
File name: C:\System Volume Information_restore{18DDAFD9-F097-42D6-9105-CC2AFF97C793}RP23\A0007990.exe
File name: C:\System Volume Information_restore{18DDAFD9-F097-42D6-9105-CC2AFF97C793}RP23\A0007991.exe
File name: C:\System Volume Information_restore{18DDAFD9-F097-42D6-9105-CC2AFF97C793}RP23\A0007992.exe
File name: C:\Documents and Settings\Administrator\Local Settings\Temp\7zS32A.tmp_install\1\BOD.exe
File name: C:\Documents and Settings\Administrator\Local Settings\Temp\7zS32A.tmp_install\1\BOD.exe
I’m not sure what to make of these because only COMODO seems to detect these things. Also, the database was up to date when I detected these, and I already submitted what I found through the CIS Quarantine Submission.
Thanks for any help you can provide.
system
July 26, 2009, 2:34am
#2
After opening this installer for a game called “Battle of Destiny”, I got these:
File name: C:\System Volume Information_restore{18DDAFD9-F097-42D6-9105-CC2AFF97C793}RP23\A0007990.exe
File name: C:\System Volume Information_restore{18DDAFD9-F097-42D6-9105-CC2AFF97C793}RP23\A0007991.exe
File name: C:\System Volume Information_restore{18DDAFD9-F097-42D6-9105-CC2AFF97C793}RP23\A0007992.exe
File name: C:\Documents and Settings\Administrator\Local Settings\Temp\7zS32A.tmp_install\1\BOD.exe
File name: C:\Documents and Settings\Administrator\Local Settings\Temp\7zS32A.tmp_install\1\BOD.exe
I’m not sure what to make of these because only COMODO seems to detect these things. Also, the database was up to date when I detected these, and I already submitted what I found through the CIS Quarantine Submission.
Thanks for any help you can provide.
Hi novazero,
We are going to have a look at it and will get back to you after investigation.
Regards,
gmohan
July 26, 2009, 3:01pm
#3
Hi novazero,
After opening this installer for a game called “Battle of Destiny”, I got these:
File name: C:\System Volume Information_restore{18DDAFD9-F097-42D6-9105-CC2AFF97C793}RP23\A0007990.exe
File name: C:\System Volume Information_restore{18DDAFD9-F097-42D6-9105-CC2AFF97C793}RP23\A0007991.exe
File name: C:\System Volume Information_restore{18DDAFD9-F097-42D6-9105-CC2AFF97C793}RP23\A0007992.exe
File name: C:\Documents and Settings\Administrator\Local Settings\Temp\7zS32A.tmp_install\1\BOD.exe
File name: C:\Documents and Settings\Administrator\Local Settings\Temp\7zS32A.tmp_install\1\BOD.exe
I’m not sure what to make of these because only COMODO seems to detect these things. Also, the database was up to date when I detected these, and I already submitted what I found through the CIS Quarantine Submission.
Thanks for any help you can provide.
The reported FPs have been fixed in DB 1773.
-Chandra Mohan
Thank you very much for this.