Windows Defender makes mysterious folders and files
Hi,
A)
I have Win XP Pro SP2. I installed Windows Defender. I have run Windows Defender. I don't "use real time protection" because I have another antispyware program running.
Now weird folders and files are being created in the root folder containing "My Documents".
Below are the folders and files.
1. FOLDER F:\9de1bcc46e6629e5b6d4f3f
FILE AS_Delta.ini
FILE mpasdlta.vdm
FILE MPSigStub.exe
2. FOLDER F:\Config.Msi\
3. FOLDER F:\fe851fd572d87c6e7b7f164
FILE AS_Delta.ini
FILE mpasdlta.vdm
FILE MPSigStub.exe
B)
Why do I assume Windows Defender is the culprit?
Because here are the contents of "AS_Delta.ini" (one of the files in one of the folders in question).
****Start AS_Delta.ini contents****
"; MpSigStub INI Configuration File
;-------------------------
; Configuration Section
;
; This section specifies parameters for the stub
;-------------------------
[Parameters]
PATCH_FULL_ENGINE=0
;-------------------------
; Products Section
;
; These sections specify the products that are to
; be updated.
;-------------------------
[WD]
PRODUCT_NAME=Windows Defender
PRODUCT_CONFIG_ROOT_KEY=SO
[MCP]
PRODUCT_NAME=Microsoft Client Protection
PRODUCT_CONFIG_ROOT_KEY=SO
****End AS_Delta.ini contents****
Questions:
1. Is "Windows Defender" the culprit?
Supporting evidence are "PRODUCT_NAME=Windows Defender
PRODUCT_CONFIG_ROOT_KEY=SO
2. Why is this happening?
Thank you.
A)
I have Win XP Pro SP2. I installed Windows Defender. I have run Windows Defender. I don't "use real time protection" because I have another antispyware program running.
Now weird folders and files are being created in the root folder containing "My Documents".
Below are the folders and files.
1. FOLDER F:\9de1bcc46e6629e5b6d4f3f
FILE AS_Delta.ini
FILE mpasdlta.vdm
FILE MPSigStub.exe
2. FOLDER F:\Config.Msi\
3. FOLDER F:\fe851fd572d87c6e7b7f164
FILE AS_Delta.ini
FILE mpasdlta.vdm
FILE MPSigStub.exe
B)
Why do I assume Windows Defender is the culprit?
Because here are the contents of "AS_Delta.ini" (one of the files in one of the folders in question).
****Start AS_Delta.ini contents****
"; MpSigStub INI Configuration File
;-------------------------
; Configuration Section
;
; This section specifies parameters for the stub
;-------------------------
[Parameters]
PATCH_FULL_ENGINE=0
;-------------------------
; Products Section
;
; These sections specify the products that are to
; be updated.
;-------------------------
[WD]
PRODUCT_NAME=Windows Defender
PRODUCT_CONFIG_ROOT_KEY=SO
[MCP]
PRODUCT_NAME=Microsoft Client Protection
PRODUCT_CONFIG_ROOT_KEY=SO
****End AS_Delta.ini contents****
Questions:
1. Is "Windows Defender" the culprit?
Supporting evidence are "PRODUCT_NAME=Windows Defender
PRODUCT_CONFIG_ROOT_KEY=SO
2. Why is this happening?
Thank you.
LeeTutor
I did a google search and I found some pages referencing mpasdlta.vdm that verify it has to do with the program Windows Defender. However, none of those files are present on my system, and I use Windows Defender. I would suggest you uninstall the program and see if then you can delete the files, then reinstall the program and see if the problem goes away...
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi,
Sorry for not getting back to you in time. I've been out of town.
This morning I just deleted all those directories and they haven't come back yet.
Thanks for your help.
Sorry for not getting back to you in time. I've been out of town.
This morning I just deleted all those directories and they haven't come back yet.
Thanks for your help.