J
Jones16
Defender recently caught the following: Program:Win32/PowerRegScheduler.
Is this something to be concerned about?
Thanks.
Steven Wintonick
Is this something to be concerned about?
Thanks.
Steven Wintonick
Tim Clark said:Hi Steve.
First, please try to limit your self to one post per problem/topic/subject.
It's kinda hard to help if your post are all over the place on the same
thing, thanks.
I also got the same detection you got after I ran a full scan after Monday's
definition update. It is in a file that has been on my system for years,
even longer than defender. It was detected in a file which I think is a
"phone home" type program when you register an application. In my case it was
found in Myst III/Exile. Do you have that or another Myst/Ubisoft/Cyan game ?
I believe that this is a false positive and have reported it to MS [actually
twice, because I don't think the first one went through]. I do not know if I
submitted it early enough to make tomorrows expected definition update
[assuming that it is a false positive]. It was rated as medium by WD, and
even if they don't think it's a false positive I think, in my case it's
harmless. Remember, what constitutes Spyware/Adware is up to some
interpretation. To some folks, ANY software that phones home is malware. I
don't think it always is, but that is just me.
So, since you and I both got the detection after Monday's update, and never
had it before that, and in my case the file has been on my machine for years,
and None of my other security programs has Ever had a problem with it either,
I am inclined to think false positive and wait it out to see if it is still
seen after tomorrow's or next Monday's update. But that's just me, your
mileage may vary.
What is the name of the file that the detection was found in, in my case it
was in a file called UBI1.exe, which, as I said, came with my Myst III game,
years ago?
By the way, if this is a FP, it is the first one I have ever received from
WD, not bad really.
Tim
--
Windows XP SP3 [Tried and True!]
Windows Vista [Your Joking, Right?]
Windows 7 [Determination Pending ?!?]
Jones16 said:Defender recently caught the following: Program:Win32/PowerRegScheduler.
Is this something to be concerned about?
Thanks.
Steven Wintonick
*< TOM >*<
Hi Steve.
First, please try to limit your self to one post per problem/topic/subject.
It's kinda hard to help if your post are all over the place on the same
thing, thanks.
I also got the same detection you got after I ran a full scan after Monday's
definition update. It is in a file that has been on my system for years,
even longer than defender. It was detected in a file which I think is a
"phone home" type program when you register an application. In my case it was
found in Myst III/Exile. Do you have that or another Myst/Ubisoft/Cyan game ?
I believe that this is a false positive and have reported it to MS [actually
twice, because I don't think the first one went through]. I do not know if I
submitted it early enough to make tomorrows expected definition update
[assuming that it is a false positive]. It was rated as medium by WD, and
even if they don't think it's a false positive I think, in my case it's
harmless. Remember, what constitutes Spyware/Adware is up to some
interpretation. To some folks, ANY software that phones home is malware. I
don't think it always is, but that is just me.
So, since you and I both got the detection after Monday's update, and never
had it before that, and in my case the file has been on my machine for years,
and None of my other security programs has Ever had a problem with it either,
I am inclined to think false positive and wait it out to see if it is still
seen after tomorrow's or next Monday's update. But that's just me, your
mileage may vary.
What is the name of the file that the detection was found in, in my case it
was in a file called UBI1.exe, which, as I said, came with my Myst III game,
years ago?
By the way, if this is a FP, it is the first one I have ever received from
WD, not bad really.
Tim
Tim Clark said:Well,
It appears that MS WD and I will have to agree to disagree.
According to the automated email reply I got to my FP submission it
appears
that WD will continue to flag the file in question.
http://pastebin.com/7pYGK1CM
And I have just run today's update of WD and the detection is still there.
For those who may be also suddenly getting this detection its description
from MS is as follows:
=======
Summary
PowerRegScheduler is a product registration system used by some legitimate
software programs. It collects demographic data for vendors who use
PowerRegScheduler as a product registration reminder. PowerRegScheduler
collects data such as your name, address, e-mail, place of purchase,
product
serial number, etc. This data is transmitted to PowerRegScheduler servers
and
is then made available to the manufacturer of the purchased product.
...
PowerRegScheduler may remain on the computer after the product
registration
task has been completed.
=======
As I know what the file is, and why it is there, and it is not autorunning
I
intend to leave it.
Others should follow their own good judgment.
Though I am surprised that this has Suddenly happened when I have had the
file on my machine since 2005 and run a Full System Scan with WD Every
time
it updates.
Yet the record for this detection states:
Program:Win32/PowerRegScheduler
Antimalware protection details
Microsoft recommends that you download the latest definitions to get
protected.
Detection last updated: Definition: 1.69.152.0 Released: Oct 26, 2009
Detection initially created: Definition: 1.45.287.0 Released: Oct 07, 2008
Oh well, one FP [in my opinion not theirs] in all this time is not bad at
all.
Long live WD
Tim
Tim Clark said:I believe that this is a false positive and have reported it to MS
[actually
twice, because I don't think the first one went through]. I do not know
if I
submitted it early enough to make tomorrows expected definition update
[assuming that it is a false positive]. It was rated as medium by WD,
and
even if they don't think it's a false positive I think, in my case it's
harmless. Remember, what constitutes Spyware/Adware is up to some
interpretation. To some folks, ANY software that phones home is
malware. I
don't think it always is, but that is just me.
Want to reply to this thread or ask your own question?
You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.