spyware.acext

hi all

I did a search on the forums, but nothing came up, so I don't know if I'm the only one experiencing this issue.

After a full scan with Norton Antivirus it comes up with having found "spyware.acext"

A few thousand instances of them. Normally I'd hit delete and be done with it. In fact the first time I did I think. Next TDS-3 update was a biiiiiig one, which made me think.

Lo-and-behold, the "spyware.acext" was in my TDS-3 folder, xdynamic/TDS.unpk

Basically in this folder i have like 3000 files with names such as a0073361.exe and an example of the Norton message is: The file C:\Program Files\TDS3\xDynamic\TDS.Unpk\a0073361.exe is a Spyware threat

The Norton website states that "spyware.acext" is a spyware program that contacts a predefined server for tracking purposes and Installs itself to %Windir%\ie_32.exe, by default.

Thankfully I don't have ie_32.exe anywhere on my system or in my registry but I'm still baffled by it all

Anyone know what is going on?

Thanks heaps

I-G

 

Hiinfra-greg, The TDS-3 folder, xdynamic is where TDS unpacks files for inspection. It is important that your AV resident monitoring is switched off when doing a full TDS3 scan as your AV could block it from doing it's job properly which sounds like this is the case here.
To be sure disable the resident part of your AV and re-do the TDS scan.

HTH Pilli

 

Hi Pilli

Thanks for the response...

Just to clarify though...its Norton Anitvirus that is picking up the spyware as being in the TDS xdynamic folder...

Are you saying that TDS is unpacking files into the xdynamic folder for inspection, but might not be able to do it properly due to Norton AV?

I'm a bit confused Sorry

Howcome Norton is picking up spyware in the folder though? Or is it being mistaken?

i-g

 

Yes, If Norton is running as TDS3 unpacks for checking Norton jumps in and tries to stop the process as it sees the unpacked malware, just to grab the glory from TDS3's hard work

 

hey Pilli

thanks again...

just two more questions..sorry

1. is it safe to delete the files in TDS xdynamic folder? Or at least the ones apparently contain spyware.acetxt?

2. do the files in my TDS xdynamic folder actually contain spyware.acext?

is that 2 questions, 2.5 questions or 3?

 

Hi there,
The files in the Unpk folder can be deleted if you want, you did submit a copy of one of them to submit@diamondcs.com.au if TDS didn't beep on them, did you?
Normally TDS deletes them after scanning or after the next scan. You can delete them manually if you like. On my system they're always deleted automatically.
Remember those are copies of originals elsewhere on your system, so if your other scanner is alarming on them only in that Unpk folder it can mean the original elsewhere on your system no longer excists or the other scanner sees only the unpacked version in the Unpk folder.
If there are files alarmed on which TDS doesn't, certainly do submit it to be sure.

Names like a0073361.exe could be copies of the system restore, so it could be your old copies contain the possible infection. This is what i mean with your Norton maybe not alarming on the normal system restore files.
If the infection is found in the current restore points and only there you'll have to clean them out but first let us know if there are alarms in other places and what they are.
After your TDS full system scan let us know what TDS found.


Like Pilli said and we write each time:
When scanning your system make sure all other scanners are temporary disabled completely including their resident protection, to enable the other scanner to do it's job properly and access all files.
The only exception is TDS can keep being loaded including it's exec protection hook but don't have TDS in a full system scan while scanning with one of the other scanners at the same moment.

 

cool

thanks for that...much appreciated...

good to learn new things too...

till later

i-g