melboy, thanks for the warm welcome. I reviewed your link. My experience was like jscottpanama. Malwarebytes quarantined and deleted the false positive. It didn't save a copy in quarantine for me to restore. I had two false positives yesterday. The other was with AVG 7.5. I was able to restore that one. With Malwarebytes, I decided to attempt a system restore to the previous day. I encountered the same kind of validation problems as jscottpanama. I entered the Microsoft CoA key code from my label and Windows XP did not accept it. I basically had to follow up on the telephone activation option. After some tediousness, I was able to enter a code to log into XP. The system restore was successful as well. Although I didn't see that oembios.dat was restored to the System 32 folder. The problem did mess up my AVG 7.5. I had to upgrade to AVG 8.0 which I had to do anyway. I take it that oembios.dat is related to the windows authentication process. My question would be does it serve any other purpose? It seems I can log on okay. Should I just leave it where it is. I appreciate all the posts on the thread. Posts by yourself, ky331 and nosirrah have been very helpful.