AOLicon.link and aolicon.exe

Hello, Wilder's Security Forums. I just downloaded Prevx 3.0 and their initial scan results showed that I had two infections by AOLicon.link and aolicon.exe.(See attached image)

Has anyone ever had this before? And if so, is there another way to get rid of these infections other than having to purchase a license from Prevx?

Any help with this will be appreciated.

 

Hello,
Prevx 3.0 is becoming Webroot SecureAnywhere - I suggest installing a trial of SecureAnywhere to see what it finds. The free trial will allow you to remove threats as well: http://www.webroot.com/customerSupport/trialRegistration.php?trpd=WSAV&loc=USA

Let me know if you have any questions!

 

Actually, I've tried a trial of Webroot and scanned my computer and their scan didn't detect the AOLicon.link and the aolicon.exe infections.

Also, I was having problems with the software and eventually had to uninstall it. However, I am not using the same firewall and antivirus as before...therefore, I will try it again.

 

Well, I downloaded and scanned with Webroot again and got: Scanned Results: No Threats Found.

 

Then they were likely false positives and you're good to go.

 

After a scan with SecureAnywhere, you can look at the scan logs and see if the file is listed in it. If it's listed as a [G], then Prevx3 was definitely a false positive. If it's listed as and you are worried, you can ask support to look at it for you by putting in a ticket.

 

So how do I get rid of the discomforting red colored 'Infected' scan results as shown in the image in the OP? And the red colored center in the Prevx icon?

 

So how do I acess the SecureAnywhere scan logs?

 

I suggest uninstalling P3 entirely - you can access scan logs within WSA from the System Tools feature.

 

So does WSA provide the blue and green browser protection tabs for some websites the way that P3 does? Also, I don't mean to sound like a dummy, but I opened up System Tools in WSA and couldn't find where I could access scan logs.

 

No more Tabs it has been replaced with a Yellow Padlock on the Tray Icon: https://detail.webrootanywhere.com/agenthelp.asp?n=Managing_protected_applications

Also just Right Click on the Tray Icon and Click on "Save a Scan Log".

TH

Also here under system tools.

 

Oh wow! How interesting.

So does "Configuration for HTTPS websites" apply to all HTTPS websites and aren't just limited to some like P3 is?

Okay, let me see if I have this correct. So when we 'Save a Scan Log' and when we are prompted to 'Select where we would like to save the log,' should we create File name that's something like: 'ScanLogs' ?

 

Actually, I didn't see any c:\windows\options files listed in the SA scan logs.

 

Actually WSA does protect HTTPS & HTTP by default now but if you go into Identity & Privacy Tab and Click on Protected Websites and click on HTTP & HTTPS you can move the sliders to Max if you want and "Save All".

Yes to save a scan log any File Name will do.

TH

 

From what I saw ages ago when using AOL, aolicon.exe is just a group of icons in an executable file to allow them to be parsed easier. You don't have to worry about it - your system is indeed clean now.

 

Then it is either A: One of the known-good files that was not included in the logs, or B: doesn't ever run, so would not have any reason to be scanned.

My personal impression based on quick research is that it's safe. If all else fails, you have the option to navigate to it in Explorer, then right-click and Scan with Webroot. When the window indicates the scan is done, there is an option to save the scan log in the lower left of that scan done indication window. Then it will show the status of that file specifically.

 

Well, it looks like HTTPS is already at Max by default. However, I'm just kind of curious as to why HTTP isn't at Max by default....especially since users have the option of simply changing it to Max.

Well, it's strange that every time I do that and then tried to open the scan log to read it, a lot of other scan dates and scan information is included in with that log.

 

Well, I'm just wondering if I can open up Explorer and just delete those files.

 

You can, but I wouldn't if they're legit. Removing Windows files is usually a Bad Idea™.

 

Gasp! I kind of heard about that, but I guess I should have waited to see if I got a reply to my question before I deleted them.

Oh well, at least the little discomforting red colored center in the Prevx icon is gone and is now green. lol

Although now my taskbar icon of my trial version of WSA has a big red exclamation point on it. (I'll have to uninstall WSA because I don't have any plans on purchasing it right now, even though I did like the product.)

Also, I wanted to ask the WSA people something. I think that I read on this forum that if a customer has both WSA and Prevx, their Prevx will eventually be phased out. However, what I would like to know is: If a customer doesn't have WSA, will they still be able to use the limited version of Prevx SafeOnline?

 

At the moment they can but all versions will be autoupgraded to WSA (unless they don't have autoupgrade enabled) but we will be turning off the Prevx infrastructure at some point.

 

Thanks.