Bit Blot Forum

Aquaria => General => Topic started by: molotovjester on April 05, 2009, 11:29:53 am

Title: Aquarua.exe (demo) Virus Collision w/ Comodo as Heur.Pck.MoleBox
Post by: molotovjester on April 05, 2009, 11:29:53 am

Running a scan on my computer, and the Aquaria.exe file from the demo version is detected by Comodo anti-virus as Heur.Pck.MoleBox .

Probably a false positive, but the file appears to be submitted to Comodo for analysis, and just to be sure, I re-downloaded a fresh copy (from the url below) and the same detection was made.
http://www.flashbangstudios.com/mirror/AquariaDemo.2007.12.07.exe

Just a quick FYI

MJ

Title: Re: Aquarua.exe (demo) Virus Collision w/ Comodo as Heur.Pck.MoleBox
Post by: Alec on April 06, 2009, 12:25:19 am

MoleBox is a packing program that was used to compress data.

Title: Re: Aquarua.exe (demo) Virus Collision w/ Comodo as Heur.Pck.MoleBox
Post by: Kailieann on April 06, 2009, 12:40:57 am

Quote from: Alec on April 06, 2009, 12:25:19 am

MoleBox is a packing program that was used to compress data.

Quote from: molotovjester on April 05, 2009, 11:29:53 am

Heur.Pck.MoleBox .

In other words, it's not a false positive. Comodo is accurately picking up something that could, theoretically, be used to introduce harmful data to a system, but is probably going to be benign 90+% of the time (as, I assume, is the case with the Aquaria demo).

Title: Re: Aquarua.exe (demo) Virus Collision w/ Comodo as Heur.Pck.MoleBox
Post by: Alec on April 06, 2009, 05:12:39 am

I'm not positive, but I think its just noticing that the EXE was modified with MoleBox launching code which is intended. (the exe gets modified by molebox so that it can read the compressed data automatically)

My guess is its not a big deal.