Adlogix - Possible AdAware False Positive?

Discussion in 'other anti-malware software' started by TopperID, Sep 1, 2005.

Thread Status:
Not open for further replies.
  1. TopperID

    TopperID Registered Member

    Joined:
    Oct 1, 2004
    Posts:
    1,527
    Location:
    London
    I've just done an AdAware scan, with latest definitions and it found Adlogix in C:\WINDOWS\system32\regobj.dll, along with 4 associated Reg keys. It gave it a Tac rating of 1, which is Low.

    I'm always wary of deleting files in these circumstances because the regobj.dll file is potentially legitimate and no other scanner is finding anything wrong with it.

    Since Adlogix is basically a BHO problem (and I don't have that) I'm treating this as an FP.

    Is anyone else getting this finding?
     
  2. TopperID

    TopperID Registered Member

    Joined:
    Oct 1, 2004
    Posts:
    1,527
    Location:
    London
    Apparently Trend Micro were recently finding regobj.dll as 'Bruteforce.A':-

    http://www.mcse.ms/archive118-2005-6-1702230.html

    While SpyBot found regobj.dll as 'Munga Bunga':-

    http://forums.net-integration.net/index.php?showtopic=20490&st=0&#entry94862

    Ad-Aware finds it as Adlogix, because that piece of Malware does drop a regobj.dll file:-

    http://labs.paretologic.com/spyware.aspx?remove=Adlogix

    regobj.dll is however a legitimate system file and all of the above are false positives. It is only likely to be genuine if your system has additional malware files to make up the complete infection.
     
  3. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    Adlogix False positive has been addressed by Lavasoft.

    SE1R64 31.08.2005 Build 75 available
     
  4. TopperID

    TopperID Registered Member

    Joined:
    Oct 1, 2004
    Posts:
    1,527
    Location:
    London
    Thanks Bubba.

    Problem cured now - but I had to do a manual download of the def file build 75; for some reason I kept getting the old sig file when updating from within the program.
     
  5. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    Don't feel like the Lone Ranger. Lavasoft's download servers have been incurring this burp problem for a while... excluding the normal server overload when many users are attempting to download the def files as soon as they come out, or the explanation could be that your ISP may store cached pages. :eek:
     