Computer Hope

Software => Computer viruses and spyware => Topic started by: Tatterdemalion on June 24, 2014, 10:03:36 AM

Title: Confusing Avira Results. Is it RIGHT ?
Post by: Tatterdemalion on June 24, 2014, 10:03:36 AM
Having got in a pickle lately, as my other threads illustrate, I have run an Avira scan on hard drives connected to a Windows 7 PC that I hope has no problems. It has stopped 82.5% of the way through the scan but has shown some detections that it is offering to quarantine.

It has identified a program called DeFX095.exe as "TR/Agent.65519.2"

When I click on Avira's "Virus Information" link, it opens a panel where you can type in the named threat. When I do this - NO information is returned. How can Avira IDENTIFY something that then has no entry in their database ?

I Googled the program name and it looks like it is a Plug-In for the WinAmp music player. I think it was designed to add reverb and I think I can remember downloading it and using it SEVERAL YEARS AGO on a computer I no longer use.

I won't need to install it again so I may as well delete the original installer - but is it REALLY a Trojan ? Did someone find out that it was a Trojan disguised as an audio effect add-on and then blacklist it ????

Other threats it has found are within "ProCalculatem.exe" and "HoldemIndicatorSetup.exe"

These sound a bit dodgy. ProCalculatem might be an odds calculator and I imagine the latter is something to do with Poker.

Are these NOT dangerous unless I run them ? I have no intention of ever installing them.

Oh - just searched for "ProCalculatem" and it may be an "essential file".

Should I just trust Avira and let it quarantine all it has found.

It got stuck at 82.5% of the scan looking at the "Q" drive - which is Lenovo's factory recovery area. Perhaps it can't get access to that and is not supposed to.

Any knowledgable insights will be much appreciated.

Title: Re: Confusing Avira Results. Is it RIGHT ?
Post by: Tatterdemalion on June 24, 2014, 10:20:21 AM
Probably not the done thing to reply to your own message. I have done some hard drive searching and located all the three named files. DeFX095.exe is stored as a Win-Amp plug in and both ProCalculatem and HoldemIndicatorSetup came bundled with a dodgy money-making audiobook. Would it be a good idea for me to "Cancel" Avira's offer to quarantine these files and for me to DELETE the original folders that contain them and THEN run the Avira scan from scratch again ?
Title: Re: Confusing Avira Results. Is it RIGHT ?
Post by: SuperDave on June 24, 2014, 01:16:12 PM
Would it be a good idea for me to "Cancel" Avira's offer to quarantine these files and for me to DELETE the original folders that contain them and THEN run the Avira scan from scratch again ?
Just ignore those warnings unless your computer starts acting up.
Title: Re: Confusing Avira Results. Is it RIGHT ?
Post by: Tatterdemalion on June 24, 2014, 02:16:24 PM
So - can you confirm that I don't even need to quarantine those files and that I can just press "Cancel" and close Avira's virus scan as if it had found nothing ??
Title: Re: Confusing Avira Results. Is it RIGHT ?
Post by: SuperDave on June 25, 2014, 01:14:00 PM
Yes, just ignore them unless your computer starts acting up.
Title: Re: Confusing Avira Results. Is it RIGHT ?
Post by: Tatterdemalion on June 26, 2014, 09:37:46 AM
Thank you. I know WHAT the flagged files were. They are Poker calculator programs that were "bundled" with what seems like otherwise harmless (and slightly unrelated) audiobooks. I suppose they are no threat at all so long as I don't run them (I never will) and there is no way they could be run without my permission.
Title: Re: Confusing Avira Results. Is it RIGHT ?
Post by: SuperDave on June 26, 2014, 04:18:08 PM
I suppose they are no threat at all so long as I don't run them (I never will) and there is no way they could be run without my permission.
If you don't intend to use them you should uninstall them.
Title: Re: Confusing Avira Results. Is it RIGHT ?
Post by: Tatterdemalion on June 27, 2014, 06:11:15 AM
Thanks. I'll do so.