What is Ayer.exe ? -- What is ii\873374_eng.exe ??

  • Thread starter Thread starter Mel_3
  • Start date Start date
M

Mel_3

I have always run zone alarm and two app's just tried to access the "trusted
zone"

ayer.exe
ii\873374

Googled 'em both but saw no satisfactory answere from Microsoft or other
reliable sources...

Anyone here know what they are and how I can verify their authenticity?

Thanks for any help.
 
I would not say that at all on that evidence.

This thread cites this:

C:\DOCUME~1\Manny\LOCALS~1\Temp\WERa896.dir00\wmpl ayer.exe.mdmp

I'm not much on media in general, but I don't see why a legit media player
executable is located in Temp.

And I don't know what that space--real or not--means in the name--but the
double extension .exe.mdmp is likely bad news, I suspect.

The fact is that nobody can tell you what a file is by the name alone,
unless it is signed and you exchange signature information with us. If you
can find either of these files on your system--look for hidden files, and
ignore the extension, I'd recommend submitting them to virustotal.com or
microsofts own submission mechanism--www.microsoft.com/security/portal

If they are located in the temp area, I'd simply clean out the temp area
rather than risk further issues.

873374 is the number of a Microsoft Security related patch. However, so
far, the executables I've found associated with that patch do not have that
name.

I would give the same advice with regard to that file. If you think you
might need a Microsoft Update, go to Windows Update and see what is offered.
 
OK - 873374_eng.exe is apparently a legitimate name for a Microsoft
executable associated with a security issue.

However, that fact alone does not mean that a file with this name on your
system is legit.

In this case, see if you can find the file in Explorer on your system, right
click on it, and look at the details--see whether it is signed by Microsoft.
If it is, I'm willing to believe that it is legitimate.
 
Just out of interest, on seeing this post yesterday, I ran an Explorer search
on my system for ayer.exe and it flagged two instances on my system - both
relating to WMP. One located in Prog Files/ and the other Windows/Service
Pack/i386. However, when I investigate the folders (despite having show
hidden files and file extensions selected), I can find no reference to this
file in either folder. Properties from within Explorer indicates a Microsoft
file with no version info.

Stu
 
the web reference Robin cited was odd too--it cited "wmpl ayer.exe.????" so
it was the space in what I would expect to be the real name of the
executable that gave rise to the Google hit.

So far, a cmd line search has found 0 instances of ayer.exe on my ancient
and dirty Vista ultimate system. A GUI search has yet to complete...
 
Hmm. well spotted and point taken. I`d be interested in the outcome of your
`dirty Vista Ultimate system`. I scanned the file using the custom scan
option in WD ie by simply browsing to the file location quoted by Explorer.
For occasions like these it would have been nice to have a context menu
option available like many other scanners. I seem to recall this being
discussed many moons ago on here and some bright person had a solution but I
can`t find it now.
What I do seem to recall was, the general consensus of opinion being
Microsoft wouldn`t do that for XP customers because they were concentrating
their efforts on the launch of Vista, the integration of WD in One Care plus
a thousand and one other things at the time. For XP users, WD is very much a
`bolt on` application. Not that I`m complaining

Stu
 
I think WD had to be "bolt on" for XP. I don't know if there were
modifications made to Windows code to facilitate it in, say, sp3, but I
doubt it--maybe in terms of improving and tightening up the update and
patching process--that's a big issue entirely apart from Defender. It cost
a good bit of money, even given that Microsoft started by buying the initial
technology--to develop Windows Defender. Adding bucks to modify Windows in
a significant way probably would not be in the budget, I'd guess.

My GUI search still has not completed, but I don't expect it to find
anything--the original search was to go to an elevated command prompt and do
dir \ayer.exe /s

That one had no results. I could have done better to use attrib with the
same syntax, and gotten hidden ones, but I don't think they are really
there.

I'll see if I can remember to check this on an XP machine at some point--but
I don't think it will be different--I suspect detections of this string are
most likely going to relate to imperfections of search methods---but maybe
I'll be surprised?
 
The gui search finally completed. The only references it found to ayer.exe
were in mail folders--this thread.
 
OK. Many thanks for your efforts

Stu

Bill Sanderson said:
The gui search finally completed. The only references it found to ayer.exe
were in mail folders--this thread.
Click to expand...
 
Back
Top