tlb41.exe: FP or not?

Discussion in 'Prevx Releases' started by wideglide36, Nov 24, 2009.

Thread Status:
Not open for further replies.
  1. wideglide36

    wideglide36 Registered Member

    Joined:
    Oct 3, 2004
    Posts:
    207
    Location:
    Central PA
    Hi,

    I just did a search on my problem and didn't find anything so here goes.

    I'm using Prevx 3.0.1.65 and today Prevx said I was infected with a worm and recommended that I remove it.

    The file in question is tlb41.exe which is my true launch bar program that I have had installed for quite some time now. At least I think it is my true launch bar program. I have not altered this program so why would Prevx just now flag this file?

    Is this a FP or do I need to get rid of this pronto?

    Prevx notified me of this problem while I was running a scan with secunia to check for programs that might need updated.

    Thanks for listening.
     
  2. Fajo

    Fajo Registered Member

    Joined:
    Jun 13, 2008
    Posts:
    1,812
    It looks to had adware in it according to some of the things that Google returned, It could be a FP and if so you should submit it as such so they can have a look at it.
     
  3. wideglide36

    wideglide36 Registered Member

    Joined:
    Oct 3, 2004
    Posts:
    207
    Location:
    Central PA
    Fajo,

    Thanks for your reply.

    I couldn't find any mention of adware in my searches. If it is indeed a FP , I will surely notify Prevx.

    As I said, Prevx said that it had detected a high risk worm and that I should remove it asap.

    Hopefully Prevx help will come along and let me know what to do with this detection.

    Thanks for your help.
     
  4. Fajo

    Fajo Registered Member

    Joined:
    Jun 13, 2008
    Posts:
    1,812
    Easy thing to do is when it pops it up you can send it to Prevx as a False positive, They can review it and remove it from there database if it ends up being harmless. But you can also wait for support, Joe (PrevxHelp) normally gets on a checks things in the morning and throughout the day. He should be able to give you more of a view what it is and if its a FP or not. :cool:
     
  5. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Yes definitely :) If you could please email the file in a rar or 7z archive to report@prevxresearch.com, I'll give it a more thorough going over. Our determination of "High risk worm" is made automatically and isn't very precise (generally based on the spread of a program, so a new "popular" adware could get classified as a worm if its propagation looks worm-like).
     
  6. wideglide36

    wideglide36 Registered Member

    Joined:
    Oct 3, 2004
    Posts:
    207
    Location:
    Central PA

    Hi. Prevxhelp,

    Thanks for responding.
    I have labeled it as a false positive within the Prevx program.
    I also sent a copy of the zipped folder in which it was in, to report@prevxresearch.com.

    I got this program from GAOTD and have been using it for a couple years with no problems. I scanned this zipped folder with Avast and MBAM and it came up clean. When I scanned it with Prevx it showed it as a high risk worm.

    Your web site has it listed as a worm also and that's what confuses me. Could it possibly be a serious infection?

    The zipped folder I sent has three files, a setup file and a activate file and also a read me file.

    I can't find anything on a google search indicating that this program is a worm. I sure hope it is a false positive.

    Thanks for your time.

    To edit this post.

    I just received a reply from the support team at Prevx and they agreed that this was a false positive and that they would adjust things accordingly.
    Well that's a relief.
    Thanks everybody for your help.
     
    Last edited: Nov 24, 2009
Thread Status:
Not open for further replies.