Hi,

I installed Avast 4.8.1296 update and got the following error:

Information about current update:
Last encountered error: The parameter is incorrect.

Restarted and although system didn’t flag lack of anti-virus, the taskbar “blue ball” was missing and Avast interface wouldn’t open, prompting the following error:

ashDisp.exe - Entry Point Not Found.
The procedure entry point dep_strFreeString could not be located in the dynamic link library aswCmnOS.dll.

Restarted, went to Add/Remove Progs, selected repair, restarted and all seems fine. However…

On first scan the report indicated four new password protected archives in addition to the usual:

C:\DRIVERS\MCDBF\SOURCE1.…\BIOSLOCK.PIF

C:\DRIVERS\MCDBF\SOURCE1.…\BIOSLOCK.EXE

C:\DRIVERS\OTHER.EXE\BIOSLOCK.PIF

C:\DRIVERS\OTHER.EXE\BIOSLOCK.EXE

Unable to scan: Archive password protected.

Avast detects no viruses with standard or pre-boot scan. Also ran SUPERAntiSpyware and Spybot, both report clean.

Default browser is Firefox withAdBlock, scan all drives daily, not installed or updated any apps (other than security) for few days, not opened any file d/loads I’ve not scanned first, PC seems to be running fine (if I’m being paranoid I seem to have noticed a recent increase in icons/windows flickering when using explorer).

So firstly, I’m assuming Avast update installation is fixed (as it works!), but based on the error reports is there anything I should be checking to be sure?

And secondly, are these files that started appearing after the update safe? Not had much joy on Google, advice (mostly badly translated) ranges from bad infection to backup files. And I’m assuming as they’re archived they can’t presently harm my system, just dunno what to do about them. ???

Any advice on the above will be appreciated.

Thanks.

Anyone recognise these files? :-\

What’s on the internet and the forum is inconclusive at best. To be safe, maybe manually add them to the Chest until some program stops working or asks about them.

Thanks for reply, sded.

Chest seems best option for now, good idea. Wish I could find what the hell files are - I’ll keep digging.

If they are important, you will surely find out at some inopportune moment. But at least they will be handy to restore from the chest.

True.

You didn’t mention your machine type, but there does seem to be a common thread.
Try Googling the folder part of the first name you provided (before ellipsis) to see if might match your machine vendor or one specific program you use.

Hi,

Re:

C:\DRIVERS\MCDBF\SOURCE1.…\BIOSLOCK.PIF

C:\DRIVERS\MCDBF\SOURCE1.…\BIOSLOCK.EXE

C:\DRIVERS\OTHER.EXE\BIOSLOCK.PIF

C:\DRIVERS\OTHER.EXE\BIOSLOCK.EXE

Can’t shift files to chest, still searching for file info.

Further searching indicates “MCDBF” seems to refer to directory in master CD.??? Found “OTHER” in drivers, properties says created 4 July 2000. This may indicate files part of recovery prog. Haven’t used my master DVDs since 10 July 2008.

So files MAY be legit system files, and reason Avast reporting now MAY be due to 4.8.1296 update as events coincided. But in that case you’d think others may have noticed/reported by now.:-\

However info like this concerns me:

http://www.threatexpert.com/files/Other.exe.html

http://www.bleepingcomputer.com/tutorials/tutorial101.html

http://www.prevx.com/filenames/2026313628862985586-X1073084215/OTHER2EEXE.html

Also some old Kaspersky threads indicate something godawful but nothing specific/resolved.

I’m aware some sites try to scare you into purchasing their crappy adware-ridden apps, but this doesn’t exactly cheer me up. Still no malware detected by Avast (standard & boot-time scan), SUPERAntiSpyware, Spybot S&D, and now also MalwareBytes. No warnings related to files from Comodo firewall. D/loaded Trojan Remover app but only found old AVG file which was removed. Also checked some reg entries purported to be changed by alleged trojans/worms, but seem OK. Then again I’m no expert.

I’m running XP SP2 on Packard Bell iStart 1359 desktop by the way.

This’s really bugging me now, running out of ideas (again).??? Anywhere I can find info on the above program information files and executables?

Thanks for the patience.

Did you submit the files to analysis? (probably false positives into the virus alert)
You can send an email to virus (at) avast (dot) com.

A Google with packard bell bioslock.exe provides some more information such as http://www.cableforum.co.uk/board/19/33629847-packard-bell-recovery.html and following references on these files being used in the recovery process, and PB using a bioslock to keep you from transferring the bios to another board. So appear legitimate, but at least Google will give you something to read now.

Thanks again, chaps!

I was Googling file names without PB prefix. I’d gathered it was something to do with recovery/tattoo/exths, the link provided has further eased my mind. And just got this:

[i]BIOSLOCK.EXE, OTHER.EXE, etc, etc.

The above file are all Packard Bell files.
The C:\DRIVERS\MCDBF\SOURCE1…is normally a hidden folder path.
The path C:\Drivers\ folders on my older computer are below.

C:\Drivers
CDROM
INFO
+MCDBF
+SETUP
SYSTEM.[/i]

So looking good so far.

As mentioned these files only appeared in scan reports after 4.8.1296 update - coincidence or what? :-\

Glad you figured out the the source; that was the machine type and program I was referring to.
Sorry I was cryptic. As a noobie here, I’m exercising caution and learning how much info is appropriate for posting on this board.

Nothing to apologise for, Sawduster! ;D Your info was very helpful.

Cheers again.