Sign in to follow this  
rwest53

"What to Do"

Recommended Posts

Never seen this before. Started using AE a couple of weeks ago and have never seen these suspicious files. Brought it up on the forum and never received an answer other than they'll look at it Recommended Action is to allow once. What's Up?

 

Here's a copy of the log file

 

Extended engine definition file: 8.1

 

******************************** Scan results: *********************************

Scan profile name: Full Scan (ID: full)

Objects scanned: 102818

Objects detected: 13

 

 

Type Detected

==========================

Processes.......: 0

Registry entries: 0

Hostfile entries: 0

Files...........: 13

Folders.........: 0

LSPs............: 0

Cookies.........: 0

Browser hijacks.: 0

MRU objects.....: 0

 

 

 

Skipped items:

Description: C:\WINDOWS\creator\wnaspint.dll Family Name: Suspicious Object Clean status: Success Item ID: 0 Family ID: 0

Description: C:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE Family Name: Suspicious Object Clean status: Success Item ID: 0 Family ID: 0

Description: C:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNT.EXE Family Name: Suspicious Object Clean status: Success Item ID: 0 Family ID: 0

Description: C:\WINDOWS\I386\alf\mfu_us.exe Family Name: Suspicious Object Clean status: Success Item ID: 0 Family ID: 0

Description: C:\WINDOWS\OPTIONS\AOLicon.EXE Family Name: Suspicious Object Clean status: Success Item ID: 0 Family ID: 0

Description: C:\WINDOWS\OPTIONS\post_sysprep.EXE Family Name: Suspicious Object Clean status: Success Item ID: 0 Family ID: 0

Description: C:\WINDOWS\OPTIONS\pwrm.EXE Family Name: Suspicious Object Clean status: Success Item ID: 0 Family ID: 0

Description: C:\WINDOWS\OPTIONS\shipaol.EXE Family Name: Suspicious Object Clean status: Success Item ID: 0 Family ID: 0

Description: C:\WINDOWS\OPTIONS\WBDDA34I.DLL Family Name: Suspicious Object Clean status: Success Item ID: 0 Family ID: 0

Description: C:\WINDOWS\OPTIONS\WBODA34I.DLL Family Name: Suspicious Object Clean status: Success Item ID: 0 Family ID: 0

Description: C:\WINDOWS\system\vdremote.dll Family Name: Suspicious Object Clean status: Success Item ID: 0 Family ID: 0

Description: C:\WINDOWS\system\vdsvrlnk.dll Family Name: Suspicious Object Clean status: Success Item ID: 0 Family ID: 0

Description: C:\WINDOWS\system32\divx.dll Family Name: Suspicious Object Clean status: Success Item ID: 0 Family ID: 0

Share this post


Link to post
Share on other sites

Its detected these files which according to the engine look like there acting strangely and it isn't sure exactly what they are.

 

Submitting them to the threat network that pops up will mean that they will be looked at to check if they are safe or not.

In the mean time adaware has decided that althought they are weird looking they arnt that dangerous to block so it will allow them to run this time.

 

Just looking at that i can see things for divx and aol

 

Hopefully when the definition files are updated these will stop being detected unless they really are malicious.

 

I personally tend to leave them alone. It is however up to you

Share this post


Link to post
Share on other sites

Never seen this before. Started using AE a couple of weeks ago and have never seen these suspicious files. Brought it up on the forum and never received an answer other than they'll look at it Recommended Action is to allow once. What's Up?

 

Here's a copy of the log file

 

I "upgraded" to the Anniv Ed (free version) recently and my second scan (tonight) came up with several of the same files as you show in your log. The recommendation was to "allow once". I followed the recommendation and it removed just one of the files- a second instance of one of them. I've been seeing a rash of what I consider erroneous positives from various Spyware & AV programs. They sometimes find files that even the software provider's own website doesn't recognize- very strange. I suspect this case is just an overzealous scanner profile but it's sure taking it's time in getting cleared up; I downloaded the update before scanning tonight and that's 8 days after your post. Hopefully, it's another case of "much todo about nothing". Lots of luck to us all. PS I just signed up and note my display name; it's indicative of my frustration with all things computer.

Share this post


Link to post
Share on other sites
Sign in to follow this