McAfee VShield (5.21.1000) Ad-Aware SE Personal (1.06r1) anomoly

  • Thread starter Thread starter Duh_OZ
  • Start date Start date
D

Duh_OZ

Yes, and older version of McAfee, but I can only use what the work
place gives me! Anyway for the last two weeks VShield reports(at boot
time) that Ad-Aware.exe is infected (won't say with what) and I try
quarantining it which results in two files of ZERO bytes being created.
Most of the time I get no more warnings until I run Ad-Aware again,
but a few times when I didn't run it. No big deal, but a small PITA
to have it come up at boot time now and then. Tried uninstalling
Ad-Aware and downloaded again, installed etc which didn't solve
anything. Anywho, any thoughts on why two, zero byte files are being
created (VShield does prompt twice, hence two files). I tried not
cleaning it and submitting it to VirusTotal, which of course came up
clean under all engines.

Here's a snip from the McAfee Quarant folder:

(log)
C:\Program Files\Lavasoft\Ad-Aware SE
Personal\Ad-Aware.exe\AD-AWARE.EXE => CHKD.tmp
C:\Program Files\Lavasoft\Ad-Aware SE
Personal\Ad-Aware.exe\AD-AWARE.EXE => CHK10.tmp

(files)
chkd.tmp 0KB
chk10.tmp 0KB
===========
OZ
 
Duh_OZ said:
Yes, and older version of McAfee, but I can only use what the work
place gives me! Anyway for the last two weeks VShield reports(at boot
time) that Ad-Aware.exe is infected (won't say with what) and I try
quarantining it which results in two files of ZERO bytes being
created. Most of the time I get no more warnings until I run
Ad-Aware again, but a few times when I didn't run it. No big deal,
but a small PITA to have it come up at boot time now and then.
Tried uninstalling Ad-Aware and downloaded again, installed etc which
didn't solve anything. Anywho, any thoughts on why two, zero byte
files are being created (VShield does prompt twice, hence two files).
I tried not cleaning it and submitting it to VirusTotal, which of
course came up clean under all engines.
Click to expand...

Just scanned my Ad-Aware SE folder (1.06r1) with McAfee VShield V7.03, and
didn't have any problems.

So the question is, what are the versions of the Scan Engine and Virus
definitions you are running with VShield 5.21?

I'm currently running defs of 4.0.4522, and Engine 4.4.00. There was a
problem with some false positives a while back with defs 4512-3, but they
were resolved in later versions.

Here's a link to the SuperDAT, which will update both your engine and defs
to the current version:

http://www.nai.com/us/downloads/updates/default.asp

Hope this helps.
Bob.
 
From: "Bob" <[email protected]>


|
| Just scanned my Ad-Aware SE folder (1.06r1) with McAfee VShield V7.03, and
| didn't have any problems.
|
| So the question is, what are the versions of the Scan Engine and Virus
| definitions you are running with VShield 5.21?
|
| I'm currently running defs of 4.0.4522, and Engine 4.4.00. There was a
| problem with some false positives a while back with defs 4512-3, but they
| were resolved in later versions.
|
| Here's a link to the SuperDAT, which will update both your engine and defs
| to the current version:
|
| http://www.nai.com/us/downloads/updates/default.asp
|
| Hope this helps.
| Bob.
|

And I used VirusScan v7.1E and v4.5.1 SP1 using; DAT 4522, and ENGINE 4400, and I too had
no False Positive declarations.
 
Bob said:
So the question is, what are the versions of the Scan Engine and Virus
definitions you are running with VShield 5.21?

I'm currently running defs of 4.0.4522, and Engine 4.4.00. There was a
problem with some false positives a while back with defs 4512-3, but they
were resolved in later versions.

Here's a link to the SuperDAT, which will update both your engine and defs
to the current version:

http://www.nai.com/us/downloads/updates/default.asp

Hope this helps.
Bob.
Click to expand...
===============
defs 4.0.4522 and Engine 4.4.0(been using) resulted in the same thing.
I renamed the file from Ad-Aware.exe to Ad-A.exe and on reboot it
wouldn't flag it as infected. Renamed it back to Ad-Aware.exe and on
reboot it comes back. I may have said to exclude Ad-A though in one
of my numerous boot attempts? I forget how many different things I
tried!

I installed Ad-Aware on several other computers and no flagging despite
having the same defs and scan engine. Just a fluke on the computer.
Again, no biggie, just found it strange.
 
Duh_OZ said:
defs 4.0.4522 and Engine 4.4.0(been using) resulted in the same thing.
I renamed the file from Ad-Aware.exe to Ad-A.exe and on reboot it
wouldn't flag it as infected. Renamed it back to Ad-Aware.exe and on
reboot it comes back. I may have said to exclude Ad-A though in one
of my numerous boot attempts? I forget how many different things I
tried!

I installed Ad-Aware on several other computers and no flagging
despite having the same defs and scan engine. Just a fluke on the
computer. Again, no biggie, just found it strange.
Click to expand...

Only things I can think of is update to 4523 defs (released today); by
chance did you ever have any of the extra dat files loaded? Perhaps if one
of those are still lurking around in the system, it might cause a problem.
I would think the latest def update would clean that out, but who knows.

I did a quick browse over at http://forums.mcafeehelp.com/ , but didn't see
anything relating to Ad-Aware.exe under VirusScan 6 and earlier versions.

Very odd problem.

Bob.
 
Back
Top