Solved

Windows Defender makes mysterious folders and files

Posted on 2006-07-06
3
14,433 Views
Last Modified: 2011-08-18
Hi,

A)
I have Win XP Pro SP2.  I installed Windows Defender.  I have run Windows Defender.  I don't "use real time protection" because I have another antispyware program running.

Now weird folders and files are being created in the root folder containing "My Documents".
Below are the folders and files.
1. FOLDER      F:\9de1bcc46e6629e5b6d4f3fdd96e\
FILE      AS_Delta.ini
FILE      mpasdlta.vdm
FILE      MPSigStub.exe

2. FOLDER      F:\Config.Msi\

3. FOLDER      F:\fe851fd572d87c6e7b7f16432944fc\
FILE      AS_Delta.ini
FILE      mpasdlta.vdm
FILE      MPSigStub.exe

B)
Why do I assume Windows Defender is the culprit?

Because here are the contents of "AS_Delta.ini" (one of the files in one of the folders in question).

****Start AS_Delta.ini contents****
"; MpSigStub INI Configuration File

;----------------------------------------------------
; Configuration Section
;
; This section specifies parameters for the stub
;----------------------------------------------------
[Parameters]
PATCH_FULL_ENGINE=0

;----------------------------------------------------
; Products Section
;
; These sections specify the products that are to
; be updated.
;----------------------------------------------------
[WD]
PRODUCT_NAME=Windows Defender
PRODUCT_CONFIG_ROOT_KEY=SOFTWARE\Microsoft\Windows Defender

[MCP]
PRODUCT_NAME=Microsoft Client Protection
PRODUCT_CONFIG_ROOT_KEY=SOFTWARE\Microsoft\Client Protection"
****End AS_Delta.ini contents****

Questions:
1. Is "Windows Defender" the culprit?
Supporting evidence are "PRODUCT_NAME=Windows Defender
PRODUCT_CONFIG_ROOT_KEY=SOFTWARE\Microsoft\Windows Defender"

2. Why is this happening?

Thank you.
0
Comment
Question by:bz43
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 59

Expert Comment

by:LeeTutor
ID: 17055151
I did a google search and I found some pages referencing mpasdlta.vdm that verify it has to do with the program Windows Defender.  However, none of those files are present on my system, and I use Windows Defender.  I would suggest you uninstall the program and see if then you can delete the files, then reinstall the program and see if the problem goes away...
0
 
LVL 59

Accepted Solution

by:
LeeTutor earned 250 total points
ID: 17065055
bz43, any feedback?
0
 
LVL 9

Author Comment

by:bz43
ID: 17116714
Hi,

Sorry for not getting back to you in time.  I've been out of town.

This morning I just deleted all those directories and they haven't come back yet.

Thanks for your help.



0

Featured Post

Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you build your web application in Visual Studio you'll get at least a few binaries, or .DLL, files in your bin folder. However, there is more compiling to be done. Normally this would happen when an ASP.NET resource within the web site is request…
Can I legally transfer my OEM version of Windows to another PC?  (AKA - Can I put a new systemboard in my OEM PC?) Few of us are both IT and legal experts but we all have our own views of Microsoft's licensing rules and how they apply.  There are…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

626 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question