Solved

sendtoonenotefilter.dll is being identified as a threat

  • 2 April 2015
  • 4 replies
  • 43 views

Hi - Webroot antivirus has today identified three instances of the sendtoonenotefilter.dll file as a threat and placed them into quarantine, along with a file named spss%2023, which seems to relate to a pdf document that I have recently viewed on an IBM website (at least that's the only thing I can imagine as being the likely cause).
 
Are these genuine issues or is webroot throwing up false positives?
 
For info: my laptop is running windows 8.1 and webroot antivirus is version 8.0.8.53. Also possibly relevant is the fact hat I'm using (and have been for several months) the technical preview of Office 2016.
 
Thanks!
 
LW
icon

Best answer by Rakanisheu Retired 2 April 2015, 13:20

View original

4 replies

Userlevel 7
I haven't tried Office 2016, can you reply with the scan logs from your PC so I can fix this? If you right click on the Green W icon down by your click and select the "Save a Scan Log" option, drop the file on the desktop. You can attach the file to the post or open the file and scroll down to the bottom to find the relevant parts.
 
It will look something like the following:
 
Wed 2015-02-18 12:05:46.0947 Infection detected: c:programdataaojqugaqwesivyebi.noq [MD5: 8EBBA4314A327244825EBA23A335F40D] [3/08080021] [W32.Trojan.Gen]
Hi Rakanisheu - many thanks for helping out with this issue. The relevant parts of the scan log are below - please let me know if there's anything else I can provide.
 
Thu 02-04-2015 09:10:56.0148 Infection detected: c:program filesmicrosoft officeupdatesdownloadpackagefiles16.0.3823.1010
ootoffice16onenotesendtoonenotefilter.dll [MD5: 9071E00F1F030E84814B053BE65AB835] [3/00091020] [Pua.Adware.Megasearch]
Thu 02-04-2015 09:10:56.0149 File blocked in realtime: c:program filesmicrosoft officeupdatesdownloadpackagefiles16.0.3823.1010
ootoffice16onenotesendtoonenotefilter.dll [MD5: 9071E00F1F030E84814B053BE65AB835, Size: 98512 bytes] [593952/00000003] [Pua.Adware.Megasearch]
Thu 02-04-2015 09:10:56.0153 Determination flags modified: c:program filesmicrosoft officeupdatesdownloadpackagefiles16.0.3823.1010
ootoffice16onenotesendtoonenotefilter.dll - MD5: 9071E00F1F030E84814B053BE65AB835, Size: 98512 bytes, Flags: 00000020
Userlevel 7
Perfect thats exactly what I needed! Saves me having to download 2016. Thats now fixed and that DLL will no longer be detected as malicious. You can restore the file from Quarantine:
 
1. Open on the cog icon next to PC Security.
2. Click the Quarantine tab.
3. Click the check box next to the filename, then click Restore:
 
c:program filesmicrosoft officeupdatesdownloadpackagefiles16.0.3823.1010
ootoffice16onenotesendtoonenotefilter.dll
 
If you have any further issues or problems please feel free to reply. 
 
What excellent service!! Thanks very much!! :D
 
LW

Reply