adware deluxe communications

I can't find info thru google on adware deluxe communications
Any Thoughts?

 

Is this a FP?

Adware.DeluxCommunication I have never gone on any fishy sites. I don't know how i could of gotten this.

 

i have this as well. I hope its a FP

 

I also see in now on my other PC

I bet its False but will wait for others to comment

 

*hands you popcorn for the wait* i quarinined it is that bad?

 

Also have it detected on my PC. I'm thinking it's probably a FP.

 

Same Here, I think it must a false one, (I hope)

 

so i release it from quarintine?

 

Also has not been found by adaware, spybot and NOD, think I keep in quarintine untill it's confirmed to be a FP

 

ok so im not the only one that put it in quarintine

 

Some infos about that adware:
http://www.tenebril.com/src/info.php?id=4832051&hp=tc

 

how the hell did it get on my computer? all i did was download something from download.com. Did i get it from that?

 

Seams that all the security programs we have installed still have bugs/lacks.

 

so is this from downloading from download.com or is this a false positive?

 

It seams it is a adware registry entry and so a positiv finding, but.....

It's used for displaying popups on websides such as explanations for some terms, etc. So i think its not real a dangerous one.

 

so how did we get it?

 

Since I can not see the whole CLSID in the first pic....if it is the below reg entry then it is a False positive against a valid Microsoft Url Search Hook reg entry.

I would also suggest checking if you have the latest update which is 441,108 threats.

Bubba

 

well buba the first 9 numbers add up to what you said was the false positive

 

Well open up ewido and select the Reports section....select the scan that relates to this find and take a look at the remaining CLSID numbers to see it totally matches. The latest update of 441,108 threats does not flag that reg entry.

Bubba

 

NOOOOOOO it didn't save a report

 

I have that same 441,108 threats listed on Ewido, and it still finds that reg entry:

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 9:09:52 PM 9/25/2006

+ Scan result:



HKLM\SOFTWARE\Classes\CLSID\{CFBFAE00-17A6-11D0-99CB-00C04FD64497} -> Adware.DeluxeCommunications : No action taken.


::Report end

I'm pretty sure it's a false positive for a legit Microsoft URL Search hook. See screenshots.

 

Expanded reg key.

 

That is odd because I got that update, scanned and nothing was found which is why I felt confident in making the statement. However....as you are showing the whole CLSID from your scan which matches the Microsoft URL Search hook....I agree with you that it's an FP.

 

so release it from quarintine?

 

Just installed Ewido with 441.108 signatures. It finds also this key.

A-Squared does not Alert.