Windows Defender Severe Alert

Moderator: lata

wmcorley
Posts: 1
Joined: Wed Nov 08, 2017 3:42 pm
operating_system: Windows 10
System_Drive: C
32bit or 64bit: 64 Bit
motherboard: biostar ta970
processor: amd fx8320
ram: 4GB
Video Card: amd radeon hd5450
sound_card: amd hi def audio device
Hard_Drive_Capacity: 200GB
Monitor/Display Make & Model: Seiki 24 inch
Corel programs: WinDVD 11

Windows Defender Severe Alert

Post by wmcorley »

Windows displayed an alert last night for the first time - see attached png - telling me that it had discovered a virus. The WinDVD11 file version is 11.7.0.15. I'm attaching a snip of that too. I searched the internet and this forum and don't find any other reports. WinDVD11 won't play a blu-ray after it quarantines it. I can make it work by excluding the WinDVD folder.

The warning is for
Trojan:Win32/Rundas.B
and the file is
C:\ProgramData\sMedio\Common\VDSE\RSG04.cpl

This appears to be a WinDVD file but I can't be sure.

I'm not sure what to do next. Does anyone have any suggestions? Windows Defender wants to remove it.
WindowsDefenderAlertWinDVD.PNG
WinDVDfileversion.PNG
I did a little more checking and found that
C:\ProgramData\sMedio\Common\VDSE\RSG04.cpl
is a hidden file and it appears when WinDVD starts and disappears when it exists.

I came across some instructions from Corel for uninstalling WinDVD manually here:
https://support.corel.com/hc/en-us/arti ... om-Windows
and it includes instructions to delete the sMedio folder:
...
8) Change the location then to C:\ProgramData
9) Delete the folder sMedio
...

I made a copy of the file while WinDVD was running and uploaded it to virustotal and seven of the detection sites show it contained a virus.

Since Experian and Kaspersky have been compromised I tend to treat this kind of event seriously; I might have shrugged it off in the past, given that it's coming from Corel. Now I'm not so sure.

So Corel, is this ok?
You do not have the required permissions to view the files attached to this post.
Top

Return to “WinDVD”