adware deluxe communications

Discussion in 'ewido anti-spyware forum' started by JonPaulOnLine, Sep 25, 2006.

Thread Status:
Not open for further replies.
  1. cheater87

    cheater87 Registered Member

    What should I do? It's in my quarantine.
     
  2. Carol30

    Carol30 Registered Member

    Same result here. And same CLSID. Same 441,108 threats listed. I've put it into quarantine, for the time being, presuming it was a f/p. Any confirmation would be greatly appreciated. (Although, I was reading about it, in relation to Surf Sidekick at BC, I do view it, as an overwhelming coincidence. And only that! Simply a coincidence.)

    Carol

    About: Adware. Deluxe Communications
    http://www.bleepingcomputer.com/forums/topic66364.html
    http://www.bleepingcomputer.com/sec...eluxecommunicationssurf-sidekick-in-disguise/
     
    Last edited: Sep 26, 2006
  3. cheater87

    cheater87 Registered Member

    Wait, so it's real?
     
  4. Carol30

    Carol30 Registered Member

    cheater87..

    No, not saying it's real. As a matter of fact, in fairness to BC, only because I mentioned it, I went back to the two links to confirm it was NOT from their site. It is not, as I alluded to in my post.

    I'm going to restore it and check to see if it matches the Microsoft URL Search hook. It's only my opinion, but I feel it is a f/p. I will not take action, until it is confirmed. Just how "I do things".

    Carol
     
  5. cheater87

    cheater87 Registered Member

    So should I leave it in quarantine?
     
  6. Carol30

    Carol30 Registered Member

    cheater87..

    I'm going by what Bubba and OldRebel have said. I trust their opinions. If after restoring it, you find the reg entry:

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CFBFAE00-17A6-11D0-99CB-00C04FD64497}\InProcServer32]

    It would lead to it being a false positive. I did find the above, after restoration. That said, it's up to you. There's certainly no harm in waiting, if you're unsure.

    Carol
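
The check described in the post above can be taken one step further by inspecting the DLL that the `InProcServer32` entry points to. This is an added example, not part of the original thread or of ewido; the System32 fallback for a bare file name and the use of the Authenticode signature as supporting evidence are assumptions of the example.

```powershell
# CLSID quoted in the thread above.
$clsid = '{CFBFAE00-17A6-11D0-99CB-00C04FD64497}'
$key   = "Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\$clsid\InProcServer32"

if (-not (Test-Path -LiteralPath $key)) {
    Write-Output "Key not found: the entry is still quarantined or was removed."
    return
}

# The unnamed (Default) value of InProcServer32 is the DLL loaded for this COM class.
# GetValue('') reads it and expands any %SystemRoot%-style variables.
$dll = [string](Get-Item -LiteralPath $key).GetValue('')
$dll = $dll.Trim().Trim('"')

# Assumption: a bare file name (no directory) is resolved from System32.
if ($dll -and -not [System.IO.Path]::IsPathRooted($dll)) {
    $dll = Join-Path (Join-Path $env:SystemRoot 'System32') $dll
}

if (-not $dll -or -not (Test-Path -LiteralPath $dll -PathType Leaf)) {
    Write-Output "InProcServer32 points to '$dll', which does not exist on disk."
    return
}

$file = Get-Item -LiteralPath $dll
$sig  = Get-AuthenticodeSignature -LiteralPath $dll

# Summarise what the registry entry actually loads and who signed it.
[pscustomobject]@{
    Clsid       = $clsid
    Dll         = $file.FullName
    Company     = $file.VersionInfo.CompanyName
    Description = $file.VersionInfo.FileDescription
    SigStatus   = $sig.Status
    Signer      = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '(unsigned)' }
}
```

The `Company` and `Description` fields are self-declared by the file, so treat `SigStatus` and `Signer` as the stronger evidence when deciding whether a detection on this key is a false positive.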
     
  7. Marianna

    Marianna Spyware Fighter

  8. karl.ewido

    karl.ewido former ewido team

    Sorry for that. It will be fixed with the next update.

    We're sorry for the inconvenience.
     
  9. HelpFromFrance

    HelpFromFrance Registered Member

    Just ran ewido and had the same finding, then got the update and all is clear and OK now.

    Thanks,
    HelpFromFrance
     
  10. cheater87

    cheater87 Registered Member

    I took it out of quarantine. Was that OK?
     
  11. HelpFromFrance

    HelpFromFrance Registered Member

    Cheater87,

    If it is the same one that is mentioned above, yes, you are OK, it is a false positive. If you do the update and your count of signatures shows 441,674, then you run another scan, it should not show up, as Ewido corrected this in the last update.

    Hope that this helps,
    HelpFromFrance

    Edit: -- Since I wrote this there has been another update and the signature count is 441,735.
     
  12. OldRebel

    OldRebel Registered Member

    I guess false positives are inevitable once in a while for all anti-malware programs. I submitted a support request by email last night and received the final reply that the error was fixed this morning when I first checked my email. Ewido support is wonderful in how fast they respond in these situations.
    Thanks, team Ewido!:thumb:
     
  13. Tommy

    Tommy Registered Member

    Updated ewido. Scanned the registry, no more f/p. Thanks.
     
  14. Marianna

    Marianna Spyware Fighter

    Hi Karl,

    thanks !

    After updating ewido, everything is CLEAN again :D
     
  15. Carol30

    Carol30 Registered Member

    All clear and another "Thank You"! A speedy response - as usual. :thumb::thumb:
     
  16. cheater87

    cheater87 Registered Member

    Mine says 441,735. I just updated it.
     
  17. JonPaulOnLine

    JonPaulOnLine Registered Member

    Thank you all
    This is a great forum of interested parties
     
  18. hangman

    hangman Registered Member

    Well just FYI, I scanned my comp and ewido also found this.
    After I quarantined it I lost my search from address bar function (I have a reg hack to search with Google from the address bar, I'm not sure if that had anything to do with the problem).
    After removing this from quarantine all is well...
    Did not try to reproduce the problem, I'll just leave well enough alone<g>

    till later...
    ...hangman
     