Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

False Positive Or Malware?


  • Please log in to reply
1 reply to this topic

#1 Elendil

Elendil

  • Members
  • 660 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The US
  • Local time:12:10 PM

Posted 03 June 2006 - 11:48 AM

Hey everyone! At one point in the day, my Internet crashed (I'll be gone for most of the day, so it doesn't really matter if it crashes again unless it's malware related), so I ran a scan with A-Squared. Immediately after its registry scan finished, A-Squared cited one malware was detected. The complete scan soon finished and the only malware was this:

Object Diagnosis
Value: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings --> AutoConfigURL Trace.Registry.WINSWEEP

I checked remove and clicked the remove button; however, just to make sure it was deleted, I rescanned my registry with A-Squared and it was detected agian! Now I manually went into regedit and removed the entry. Upon re-opening regedit, it was back again! Now believing that this entry might be either stubborn malware or a necessary file, I scanned my registry with Ewido and Ad-Aware SE - nothing detected. So, now I'm wondering whether or not this "malware" is a false positive. After googling it, it appears that this is not malware; however, I have recently been experiencing another problem that might be related to this. As mentioned in another topic, my Internet Explorer homepage is set to Yahoo (I'm going to change it to my personalized Google Homepage and I like the Yahoo news alerts so don't shoot me just yet). Whenever I open up IE, I get a completely blank screen with nothing but a nice sheet of white; yet, when I click refresh, Yahoo appears and everything is fine. Could this "malware" problem be affecting IE, and if so how can I fix this?

Note - I just ran HJT and HJT listed this item on its scan as an R1 entry.

Edited by Elendil, 03 June 2006 - 11:54 AM.

Stanford '14
B.S. Candidate | Computer Science

BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,944 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:10 AM

Posted 03 June 2006 - 12:59 PM

I have read on several forums where a-squared is prone to FP's. If none of the recommended scans are picking up anything than this is probably the case here.

The a-squared support forum even talk about this trace here.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users