Following is the information, while scanning with Sophos Anti-Rootkit 1.5.0
Area: Local hard drives
Description: Unknown hidden file
Location: C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP337\A0079293.exe
Removable: Yes (but clean up not recommended for this file)
Notes: (no more detail available)
Hidden file "A0079293.exe" could be anything, a normal and clean program installer, a Trojan Horse, a PUA, or a Mal ware.
It is not recommended to simply delete this file without knowing the nature and type of this file "A0079293.exe".
Would it possible for end-user to carry out detailed analysis of such doubtful files?
I would like to suggest, if Sophos tries to add file signature verification tools in Sophos Anti-Rootkit with a visible options in anti-root kit GUI. Hope, all Sophos-Anti-Rootkit user will definitely appreciate this. This tool can be run on demand by selecting or highlighting such file(s) and pressing [Verify Signature] tab.
-------------------------------------------------------------------------------------------------
| Description | Location | File Signature | Signature Date | |
-------------------------------------------------------------------------------------------------
| | | | | |
Enjoyin' Sophos Anti-rootkit
Thanks :)
This thread was automatically locked due to age.