Malwarebytes

exe.Rogue.Antivirusprotection


#1
stillen

Is this a false positive:

C:\System Volume Information\_restore{6477B972-6C05-44EF-A9CF-16C394588CE2}\RP318\A0016880.exe (Rogue.AntivirusProtection) -> Quarantined and deleted successfully.

I am running Comodo firewall version 2.4

As you can see, I went ahead and deleted and quarantined the file pending further info.

Searching the internet did not bring any info either. I found out about this product from the Dell forums, have had it for one day and like it so far.

thanx stillen

#2
nosirrah


stillen, on Feb 27 2008, 11:23 AM, said:

> Is this a false positive:
>
> C:\System Volume Information\_restore{6477B972-6C05-44EF-A9CF-16C394588CE2}\RP318\A0016880.exe (Rogue.AntivirusProtection) -> Quarantined and deleted successfully.
>
> I am running Comodo firewall version 2.4
>
> As you can see, I went ahead and deleted and quarantined the file pending further info.
>
> Searching the internet did not bring any info either. I found out about this product from the Dell forums, have had it for one day and like it so far.
>
> thanx stillen

That file was from system restore and could be related to some of the web install rogues.

If you ever had a trace of this rogue (even from your temp files) then this could be what is being detected. This could have happened at any point this computer has existed.

The good news is that at its current location it is completely harmless.

I will keep an eye on FP reports to see if this turns up again.

Bruce Harrison
Vice President of Research


#3
stillen

Thanx for the reply. My PC seems to be operating better since removal of said item, so will just leave it in quarantine.

Would it help if I did what was suggested on and use the (mbam Developer tool) as suggested? Would this help in any info?

regards stillen

#4
nosirrah

You would first have to unquarantine that file and then run MBAM again in developers mode.

The file is harmless in either location so the choice is yours.

Bruce Harrison
Vice President of Research
