|10 Dec 2009||#1|
Weird Windows Defender behavior
To begin with, I run Windows 7 Professional. I keep it patched up to date. I also run ESET NOD32 v4, and Windows Defender is on by default. Malwarebytes AntiMalware is run once a week on-demand.
Today I launched Steam, connected, and found there was a patch. I downloaded the patch and let it install. After it installed, I reconnected to steam, and suddenly Windows Defender popped up.
The popup balloon didn't say that it had found a virus, or malware. It said it flagged SteamServiceTmp.exe, and that it wanted to submit the file to Microsoft. I don't know if this means there was a virus in the file or some other malware. I think that's unlikely, considering it came directly from Valve (That's the file that launches to patch the Steam Service), but I'm not sure what that means. I can't find any record of the file being detected in the Windows Defender History, at all. Does this mean I have a virus? What is this all about?
All I can find is this information from the Event Viewer:
Fault bucket 864089046, type 5
Event Name: AVSubmit
Response: Not available
Cab Id: 0
P1: Windows Defender
These files may be available here:
Rechecking for solution: 0
Report Id: 78cda38e-e5ff-11de-862f-001fbc01945b
Report Status: 0
EDIT: Upon review, here's the contents of the Report.wer file generated
Sig.Name=Problem Signature 01
Sig.Name=Problem Signature 02
Sig.Name=Problem Signature 03
Sig.Name=Problem Signature 04
Sig.Name=Problem Signature 05
AppName=Windows Defender User Interface
AppPath=C:\Program Files\Windows Defender\MSASCui.exe
I uploaded the file to Virustotal, but the report has since expired. It came back with 1/41 as the result, with Panda finding the only positive (W32/Xor-encoded.A), and everything else being negative.
|My System Specs|
|11 Dec 2009||#3|
It sounds like the file must be safe then. Thanks for the link!
Windows Defender keeps doing this, though. It did it for the second time just recently. This time I caught the balloon message: "Review files that Windows Defender will Send to Microsoft (Important)". Then it asks me to submit the files when I look for more information. I can find information in the Event Viewer, but not in the Defender logs. It doesn't say "This is a piece of malware" explicitly, but the logs in the Event viewer call this an "AVsubmission". This time it did it to me for uninstall_plugin.exe after updating Flash from Adobe's website.
Is this normal behavior for Defender? Is it saying these files are malware? Or is it just submitting them to Microsoft for some unknown reason?
|My System Specs|
|12 Dec 2009||#5|
|My System Specs|
|Thread Tools||Search this Thread|
|Similar help and support threads|
Windows Explorer weird behavior
Hello, I've dealing with a weird issue, and I'm lost at this point... need some additional pair of "eyes" to find out the issue described below: Machine: HP Pro Model 3515 64 bits OS : Windows 7 Pro 64bits RAM : 4 GB Processor: AMD Antivirus: ESET NOD 32 (current/updated)
Windows explorer freezing and weird behavior, as well as other issues
Hello everyone, These problems started happening maybe several months ago. I don't really use this laptop that often, so I have no idea what could of caused this. I'm running Windows 7 Ultimate 64 bit. Here are a list of the problems that are occuring. 1. If I press computer in the start...
Odd behavior, please advice, cannot access MSE/Defender
I'm on win 7 32 bit, i just noticed that all my downloaded files dissapear instantly after they finish downloading. Can't access microsoft security essentials or defender either, they complain that i do not have permission even though i am on the administrator account. Also this : ...
Weird behavior by Windows 7, clock/date field changing
I am furious at not knowing why my date/clock in Windows 7 keep changins its appearance. It is as if the files or settings for Windows change mysteriously back and forth and I don't like it one bit. The issue pertains to this clock/date shown at the bottom right corner on the screen just beside...
windows 7 sp1 weird network behavior
Hi there I have something weird going on with my network, I can surf and download whatever form servers like Rapid, Mega and all those, but I was trying to download Fedora 14 using the a torrent file, and at the beginning it started to download at the max bandwidth I got but a few seconds later...
|Network & Sharing|
Weird Behavior IE8
sometimes when I open ie8 the welcome screen pops up. I have gone through this set things up and you're browser is ready for use well, ok but why dose it pop backup at random point when I click ie8 it doesn't happen every time its sporadic so I've just been exiting out of it as my browser is...
|Browsers & Mail|
© Designer Media Ltd
All times are GMT -5. The time now is 02:48.