Autorun - False Positive?

[rayray 0]

Online Armor reports the following autorun as detected:

 

Module: {4ED3A719-CEA8-4BD9-910D-E252F997AFC2}

 

 

Not sure what it is, but I'm guessing it has something to do with Windows.  Any ideas?

 

I'm not the only one that has this problem.  Another person reported this on another forum:

http://turbolab.it/forum/viewtopic.php?p=14934&sid=299496a48d988b3d27c6e2876f7c7fd7#p14934

[GT500 853]

Based on what I am seeing on Google, that appears to be a CLSID from a registry entry that loads the file twinui.dll which is a Windows system file on Windows 8.

[sitedrifter 1]

I am not sure why my post was deleted but I have no issue asking the question again.

 

I get the same alert and I have Windows 8.1 Professional.  Please advise if this autorun is safe to allow or should it be blocked and if so, why?

 

Thanks

 

Mark

[sitedrifter 1]

Where is the support on this? Is the safe to run?

 

Summary:      Autorun detected: {4ED3A719-CEA8-4BD9-910D-E252F997AFC2}

Description:  {4ED3A719-CEA8-4BD9-910D-E252F997AFC2}

Event type:   Autorun(10)

Event action: Allowed(2)

[Christian Peters 99]

Hello,

 

please open Online Armor and go to the section History in the left menu. Export the Online Armor history on this section and save the file on your computer.

 

Please send the file to [email protected] with a hint to this topic here.

[GT500 853]

Mark, I answered this question for you via e-mail on February 28th. It is a file from Microsoft and we recommend allowing it.

[MaXimus666 0]

why not just whitelist it if it's safe so everyone won't face this?

[GT500 853]

Certificates used by Microsoft to digitally sign their files are whitelisted. The notification he's seeing is not normal, but the file is safe. If he has the registry monitoring on, then it may be matching a custom rule that he has set up.