cancel
Showing results for 
Search instead for 
Did you mean: 
mayfletcher
Level 7

Not sure what what to answer with this warning

McAfee has poped up a warning on my laptop here is what it says:

McAfee has detected a potentially unauthorized file change to your computer.

About this File Change

SystemGuards: Windows Win.ini File

Program: Host Process for Windows Services

Location: C:\Windows\SysWOW64\svchost.exe

Spyware, adware, and other potentially unwanted programs can make changes to the Win.ini file, allowing suspect programs to run when you start your computer.

Iam not familiar with all these types of thing and not a computer teckie so I   have no idea what this is and if I should click "allow this change" or "block t

his change".   Can someone plse guide me. This laptop is only a week or so old.

Thanks

0 Kudos
3 Replies
exbrit
Level 21

Re: Not sure what what to answer with this warning

Is this an Alienware computer by any chance?  Mine did the same thing and I thought that McAfee had taken care of it.

It's part of the system customization that the OEM computer sellers include in their operating system installation disks.

Allow it.

0 Kudos
mayfletcher
Level 7

Re: Not sure what what to answer with this warning

No not Alienware.

My computer is a Dell Inspirion 1545 laptop

0 Kudos
exbrit
Level 21

Re: Not sure what what to answer with this warning

Dell/Alienware, the same thing these days now that Dell took them over.   It's very likely the same as was detected on mine and strangely enough last night another file in that same folder was detected as a trojan and they sent me an EXTRA.DAT to cover the detection.

To submit the file for them to check you will need to temporarily disable VirusScan.

Double-click the taskbar icon to open Security Center

Click Advanced Menu (bottom left)

Click Configure (left)

Click Computer & Files (top left)

You can disable VirusScan in the right-hand module and tell it for how long.

Then click the Restore button (left & assuming it was quarantined), click Files (left) & restore the item in the right panel.

Send the file to Avert for analysis:

http://vil.nai.com/vil/submit-sample.aspx

or

https://www.webimmune.net/default.asp

or

Email file to: virus_research@avertlabs.com

When submitting samples they must be packaged in a .ZIP file. When creating this .ZIP file, it is important to understand that the .ZIP can be no more than 3 megabytes in size and can contain no more than 30 files.

Additionally, any .ZIP file created must be password-protected using the password "infected" (minus the ""). Failure to follow these guidelines will cause your submission to be rejected.

Message was edited by: Ex_Brit on 11/27/09 5:36 AM
0 Kudos