Unsolved
9 Posts
1
1321
Aurora R8, AWCC flagged as Malware/Adware
Alienware Aurora R8
I've seen some other threads with folks having different issues with AWCC version 5.5.9.0 but I have only seen my issue (unanswered) on external websites. I have experienced my desktop flickering and the blue wheel loading cursor like others have while installing the most recent version like others have described.
This time, however, I decided to wait it out and see what happens. Eventually Webroot popped up saying Display001VcpSrv.exe is a "W32.Adware.Gen" Infection. For now I'm letting Webroot remove it and will reinstall later if there's some sort of confirmation that it is not adware. I also saw external posts where Norton was flagging this exe as malware as well.
Screenshots:
Here's the full path:
Thanks,
Mike
Vanadiel
6 Professor
6 Professor
•
6.4K Posts
0
August 14th, 2022 08:00
If you downloaded the drivers from the official Dell driver download site than I would say that is false positive.
Dell drivers
steadler
2 Intern
2 Intern
•
210 Posts
0
August 14th, 2022 11:00
That one is part of the game eye components, what ever that is . In that directory you will find a separate uninstall program for it. I did run it and it removed that completely, it seems a separate package.
Running the awcc 5.5.9 installer package repair does not re-install it.But Awcc seems to work without it.
speedstep
9 Legend
9 Legend
•
47K Posts
0
August 15th, 2022 00:00
@Mike KC
Somewhere in your travels on the internet you clicked YES and the malware attached itself to the exe file and its now residing in memory so deleting it wont make it go away.
I would recommend doing a fresh start then downloading AWCC directly from Dell then reinstalling webroot etc.
Windows key R to run
c:\windows\system32\systemreset.exe -cleanpc
FRESH START
Simon-John
1 Rookie
1 Rookie
•
4 Posts
0
August 15th, 2022 02:00
"Somewhere in your travels on the internet you clicked YES and the malware attached itself to the exe file and its now residing in memory so deleting it wont make it go away"
This information is not accurate as the machine we tested it on was a fresh OS install - no futher information gathered as yet.
jayzcos
3 Posts
0
August 15th, 2022 20:00
I have the same issue with Sophos (so it’s not just webroot). Also it looks like other people have had Display001VcpSrv.exe blocked with Norton. My issue came after an auto update of the control center today. I hope the installer didn’t get compromised. Can someone from Dell please respond?
Mike KC
9 Posts
1
August 18th, 2022 16:00
Just an update since I wasn't clear about the source. I did not download the installer from Dell and install (though at some point I may have uninstalled and downloaded from Dell). AWCC has been installed since I've had the machine, and it was updating on it's own like it always has.
My wife's Alienware x17 hasn't ever behaved any differently, so no cause for alarm there either. She hasn't been on hers in a while so I started hers up and immediately AWCC was wanting to update. I let it run, updated successfully, scanned hers with webroot, nothing popped. Scanned the containing folder specifically, nothing popped.
I decided to hash her file to see if it was the same one, ran:
certutil -hashfile "C:\Program Files\Alienware\Alienware FXDisplay001 Components for AWCC\Display001VcpSrv.exe" MD5
File has was: 645c2654f54268b09724b1c0cbaf4229
Restored my quarantined file, scanned, didn't pop again. Hashed my file with the command above, same file. My guess is that the antivirus signatures have been updated, would be nice of Dell to confirm though.