High Risk?

Hi all,

After reading the News on Google, I closed the browser and was confronted by a warning from a Prevx pop up:

C:\Windows\system32\aepdu.dll - High Risk
C:\Windows\system32\aeinv.dll - High Risk

Acording to the powers that be, these two .dll's are microsoft files and deleting them might cause trouble for the operating system. Has anyone else seen this?


Marserobert

 

Hello,
It would be useful to get some scan log details to see what the files are and why they are being detected. If you could follow these instructions: https://www.wilderssecurity.com/showthread.php?t=245129 that will let you get the details over to us

Thanks!

 

Hi,

I am afraid I cannot do as you ask! The pop up arrived without a scan which surprised me.

I immediately checked to see if the two .dlls had any malicious history and I ascertained that they where Microsoft. I did an advanced scan on the two .dlls and Prevx did not report anything.

I have checked in "My Prevx" under "Infections in your Network" and the two .dlls are present. They are listed as "AEINV.DLL Trojan.Vundo." and "AEPDU.DLL Trojan.Vundo"

Is this applicable:

"Posted by Microsoft on 18/05/2009 at 15:18
Thank you for the suggestion. We have fixed this encompased bug by releasing an updated AEINV.DLL file. It can be found in the toolkit download on the connect site, and addresses the false positives for UAC testing.

Thank you for this report,
The Windows 7 Software Logo Team ?"


Marserobert

 

I suspect that if the DLLs were a false positive, they have already been fixed automatically - I can't see anything which would be returning malicious determinations from our database, but let me know if anything crops up again!