Is this a false postive?

Discussion in 'ewido anti-spyware forum' started by robinb, Feb 6, 2007.

Thread Status:
Not open for further replies.
  1. robinb

    robinb Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    456
    Location:
    NJ
    HKU\S-1-5-21-1539001950-3149648297-3202504066-1005_Classes\Interface\{8148A489-F54E-4D74-B6F3-81901D0AA54A}\TypeLib\\Version -> Adware.ActivityMonitor : Cleaned with backup (quarantined).

    As you see I quarantined it but i have no clue what it is so i do not know if i should put it back, ignore it or leave it in quarantine.

    I am using the license version of AVG 7.5 antispyware running xp pro sp2

    Please help.
    robin
     
  2. TopperID

    TopperID Registered Member

    Joined:
    Oct 1, 2004
    Posts:
    1,527
    Location:
    London
  3. robinb

    robinb Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    456
    Location:
    NJ
    no but it might have been added when we loaded Quickbooks 2 days ago.
    That is the last program we added on this computer.
    I removed it from quarantine and set it up to ignore for now.
    Would Quickbooks cause it since it does have a monitoring system?
    and connects to the internet?
    robin
     
  4. TopperID

    TopperID Registered Member

    Joined:
    Oct 1, 2004
    Posts:
    1,527
    Location:
    London
    I'm afraid I can't say what put the Key there in your case, it just happens sometimes that malware files will share the same CLID number as a lgitimate file, they are supposed to be unique but that is not always the case. Sometimes a scanner will pick out the entry because it is associated with malware, when in fact there is a legitimate reason for it being there.

    I can't be sure of course, but if it was my machine I would leave it be for the moment, on the basis that if it really was part of an infection I would expect to see a lot more evidence of it than this one Reg Key.
     
Thread Status:
Not open for further replies.