Jump to content

Recommended Posts

Problem originated with WinXPSP3 not coming out of hibernation - got BIOS error code - corrupted video driver issue due to Vundo. Was able to clear out a handful of unwelcome .dll files using NOD32 and rebooted. Since the interloper was identified as virtumonde/vundo I jumped onto wikipedia and from there found your site and software. A quick scan found a couple more issues. I removed all of them. I also turned of system restore and deleted all the restore points, turned off ACPI and deleted the hiberfil.sys file. Updated all MS updates, rebooted again. To be on the safe side I rescanned, only this time, used the deep scan. That is where I got a bit confused. There was still a system restore point that indicated an infection, which of course was created after I deleted all the old ones. Additionally two .dll files in purchased Adobe software (Audition and Photoshop) came up as an infection. I cannot delete them since they are part of very expensive software. These two files also showed up as virii on my laptop using TrendMicro which I quit using due to cost. I always chalked this up to being a false positive. My confusion lies in the fact that the quick scan never saw them and the deep scan did. I am sort of at a loss - do I uninstall the Adobe products? The file in Audition is a MS Visual Runttime Library file, and the one in Photoshop is a filter. I did not keep a log of the later scan so I would have to do it completely over to report these. I am just wondering if I should just exclude those two app's folders or pursue this further. I did not see any posts in the false positive forum referencing Adobe Audition or Photoshop.

Great software guys!

Link to post
Share on other sites

Greetings :)

The Quick Scan is designed to catch all active threats on a system by only checking the locations where infections are known to reside.

Those two files being detected may indeed be false positives. Please refer to this post: Read before reporting a false positive!

and post the info here: False Positives and one of our researchers will investigate the issue and respond as to whether or not this is a false positive, and if it is, they will get it corrected.

Thanks :)

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.