X-Block & BHO

Hi Guys,

While readings Bubba's comments to CJsDad, referenced was X-Block, I could not download X-Block, & ran X-Block on line, which found the following:

"Proventactics" Hkey_Classes_Root\AppD\BHO.dll

I did not allow X-Block to remove as I wnated to check the folowing first, See pic.

From the pic zonemap area indicates (4) which tells me X-block found an FP (false positive), however, the registry locations do not match. Should I allow X-block to remove or is this an FP?

Thanks
rico

 

Hi

I also ran a Hijack this scan & the "02" section does not reference the above mentioned "BHO.dll or its location.

Thanks
rico

 

While in the registry did you find the bho.dll entry in the actual location Xblock said and do you actually find a bho.dll in your file structure ?

Also....there are a couple of things that would cause me to initially say that is a FP.

1) proventactics is usually associated with the ProvenTactics toolbar and it's dll is provenTactics.dll.
2) bho.dll is associated with a number of BHO toolbars but ProvenTactics has never been one of them to my knowledge.

As a side note....I just ran online Xblock and besides the Alexa\Related entry it also found Adware.SweetBar as a service entry of IPRIP. Well....Sweetbar does install that service so but so does the valid MS IPRIP(RIP Listener)

 

Hi Bubba

- Yes & the right window pane, gave the below CLSID

Geez & I thought PestPatrol was bad for FP's

Oh! Search for BHO.dll brings up c:\program files\techsmith\sangit8

Thanks & Take Care
rico