admin
Site Admin
Joined: 01 Jan 1970
Posts: 269
|
 Posted: Sat Jan 14, 2006 12:06 pm Post subject: Question regarding whether a exe file is a legitimate part o |
 |
Question: Hi Andrew,
I would like to ask if you could please help me with the following situation.
On a Windows XP media Center edition, Version 2000, SP2 machine, the "A squared"
rel="nofollow"www.emsisoft.com/en/software/free/ malware scanner said that
"D:\i386\apps\app20460\imgvemver1.6.exe" was an adware file. It listed it as "Adware.maxifiles.f"
The "D" drive appears to be a partitioned section of the hard drive that is used to archive the system restore files. Windows warned to not delete or change any files there.
I left the file alone. I am guessing this might be a total false positive ? I guess I should report it to A squared, but I wanted to get some feedback because I am completely new to XP.
I did an internet search for "Imgvemver" but nothing turned up, and that's what makes me wonder. Spybot, Lavasoft adaware, Microsoft anti-spyware, and the Ewido scanners all missed this, if it really is something to worry about.
I turned on the "show hidden files" option, but windows would not let me see what is on the "D" drive, and I did a search for imgvemver and "img" on the D drive, and nothing turned up.
I would appreciate any feedback, I don't really know whether to delete it or leave it alone.
Thanks for your help.
John
Answer: I think you are right. It is probably a false positive. Spybot and Ad Aware in conjunction almost never miss anything. See if you see the file try renaming it or moving it. If you can do this then the file is not in use and is probably not anything to worry about. You can also look in the registry to see if windows tries to run that file on startup. That is a dead give away. Open regedit and go to the hkey local machine, software,microsoft,windows, current version, run. See if there are any entries there. |
|
