Last night, I did a quick scan before shutting down my computer and it found eight infections [in Registry] of Application.PowerRegister. After researching this on the internet, I found conflicting reports. Some say it is software produced by LeaderTech that is a 'register' reminder for software. Others have said it is evil spyware BEWARE. I quarantined the infection last night. When I started up my computer and ran a quick scan again, it found five infections of the same threat. I do not know how to post any screen shots nor do I know how to attach anything. I hardly download any programs from the internet unless I know it is a trusted source, therefore, I will not download any program that might 'help' me get screen shots, etc.

I also do a full scan every day of Norton Internet Security 2009 and it does not detect this threat.

Any ideas on what this is? I installed software with a new mouse about a week or so ago, but I don't know if this is related or not.

If you note on the SD infection line there is an option for more information, which should have been helpful.

It is most likely harmless, probably a false positive and related to your new mouse software.

[copied from Leader Tech website] "Leader Technologies, provides a service that allows users of consumer products to register online (instead of mailing in a postcard registration/warranty form) the products they purchase from various manufacturers. If you have recently purchased and installed a product from one of our manufacturer customers, some of whom include Epson, Sony, Palm, Xerox, Adobe, Disney, H&R Block and many more, there is a registration application that runs during the setup or installation of the product asking you if you would like to register one of these products."

I had a client with the same scan result yesterday. They quarantined it with no ill effects so far.

However, PCTools needs to look into this.

PS. Here is how to post a screen shot.

http://www.pctools.com/forum/showthread.php?t=49383

If you note on the SD infection line there is an option for more information, which should have been helpful.

It is most likely harmless, probably a false positive and related to your new mouse software.

I had a client with the same scan result yesterday. They quarantined it with no ill effects so far.

However, PCTools needs to look into this.

PS. Here is how to post a screen shot.

http://www.pctools.com/forum/showthread.php?t=49383

Thanks for your reply. I don't mean to be snarky, but I hardly trust anything I have to download online, especially if I don't use the product a lot. I did click on the link after the scan finished and I did notice that SD said it was 'legitimate' but may also be 'undesirable.'

I did submit a ticket to Support to have this looked into further. I recently had Adobe to download an update, so it could be from there as well. I appreciate your showing me the thread [I also looked at it before posting], and again, it involves downloading software from the internet...blah, blah, blah. Not trying to be difficult, just trying to keep from repeating myself! ;)

Thanks so much!

I do not think that it is from the Adobe update.

You indicated that you recently installed new mouse software, probably from a cd, and it probably wants you to register the software. I'll bet that is where it came from.

Yesterday spyware doctor found the same infection for me.

1st SCAN:


2nd SCAN:
http://img140.imageshack.us/img140/9592/spywaredoctor9309diff.png


It looks like mine has to do with EPSON (I think), I had an EPSON printer a little while back.

I do not think that it is from the Adobe update.

You indicated that you recently installed new mouse software, probably from a cd, and it probably wants you to register the software. I'll bet that is where it came from.

Yeah, I realized I panicked for nothing. I checked out Leader Tech's website myself, and one of their 'customers' is in fact Logitech. My mouse and software came from...three guesses and the first two don't count...Logitech.

Yes, this looks to be a false positive. Jarava's (epson) is the same. I am sure that achen will be following up on this later this afternoon.

Yes, this looks to be a false positive. Jarava's (epson) is the same. I am sure that achen will be following up on this later this afternoon.

I don't have an EPSON printer anymore so it should be ok if I don't restore it right?

Absolutely, no need to restore.

You might want do the following as well

go to control panel, add/remove programs and remove any epson printer software
go to control panel printers and faxes and remove the epson printer
use Ccleaner or Msconfig and disable any epson start up programs


Just general cleanup.

I also had the PowerRegister infection today. This related to Sonic Record Now! which I had long ago uninstalled. So these must have been registry remnants and I quarantined them.

Later I started Outlook and it kept asking me for user id and password, which I entered, but I was in this endless loop. I re-set the password from within Outlook. Outlook hung on receive. Prior to the quarantine, Outlook worked fine.

I was going to un-quarantine, but decided to run an Office repair first.

The repair worked and Outlook functions just fine.

Somehow the power register quarantine thing corrupted Outlook.

More follow-up:

Similar configuration on another PC..., same Sonic powerregister quarantine, no impact to Outlook.. go figure

I just came back and found this after leaving the pc doing a full scan.
I have the following reg entries and the file:
PowerReg.dat in
C:\Documents and Settings\user\Application Data\Leadertech\PowerRegister folder.

I've quarantined the reg entries for now but the file/folder is from sometime in 2008 I've no idea from what software it refers to though??

http://a.imagehost.org/0083/sd.jpg

Is this a FP? do i need to delete the folder and reg entries?
:confused:

I just wanted to weigh in that I also received several positives for this in my registry keys... in the same spots. As well as the dat file in docs and settings. It says its for a flexlm license file, and I posess several programs on my drive that use that utility.

I have a logitech mouse, also.


Ive quarantined, but havent found any weird behavior yet, but will update if needed.

Hi Guys,

Thanks for the info. We are currently checking this out and will provide an update asap.

Lucid,




I've no idea from what software it refers to though??

Is this a FP? do i need to delete the folder and reg entries?
:confused:

I tried to look up VSNE but could not get any worthwhile hits.

This is some software just that uses the leadertech software to try to update.

Leave the stuff in quarantine for now.

It should cause you no problem.

Go to post 2 of this thread for more details.