PC Review
Home Forums Reviews Articles Register
Member Login:

PC Review > Forums > Newsgroups > Microsoft AntiSpyware > Security Signatures > 4 false positives.

Reply
Thread Tools Rate Thread

4 false positives.

 
 
Dr Pizza
Guest
Posts: n/a
 
      7th Jan 2005
It claimed that tapicfg was CoolWebSearch. It isn't (at least, the file it
found isn't, maybe CWS has something of the same name). It's part of
Windows Server 2003. The default is to remove this (which for CWS makes
sense...) but it shouldn't be touching it.

It similarly claimed that remote.exe in the Win2K Support Tools is
malicious. It's claiming it to be Cyanure or somesuch. It's not. It is a
tool that could be used for nefarious things (it's a remote control tool),
but it's not ipso facto malicious. Detecting it as an enabler would be
reasonable, perhaps.

It believed tvenuax.dll from an (ancient) version of Lernout and Hauspie
TruVoice to be WhenU.SaveNow, which again is not the case.

Finally, it detected sporder.dll from SafeTP as part of WebHancer. Again,
it ain't. Potentially it can be (there is a sporder.dll in WebHancer,
AIUI), but it's an MS-distributed dll that's perfectly legitimate.

Is there a mechanism within the program itself for reporting false
positives?
 
Reply With Quote
 
 
 
 
Bill Sanderson
Guest
Posts: n/a
 
      8th Jan 2005
This is the place to report false positives.

"Dr Pizza" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> It claimed that tapicfg was CoolWebSearch. It isn't (at least, the file
> it
> found isn't, maybe CWS has something of the same name). It's part of
> Windows Server 2003. The default is to remove this (which for CWS makes
> sense...) but it shouldn't be touching it.
>
> It similarly claimed that remote.exe in the Win2K Support Tools is
> malicious. It's claiming it to be Cyanure or somesuch. It's not. It is
> a
> tool that could be used for nefarious things (it's a remote control tool),
> but it's not ipso facto malicious. Detecting it as an enabler would be
> reasonable, perhaps.
>
> It believed tvenuax.dll from an (ancient) version of Lernout and Hauspie
> TruVoice to be WhenU.SaveNow, which again is not the case.
>
> Finally, it detected sporder.dll from SafeTP as part of WebHancer. Again,
> it ain't. Potentially it can be (there is a sporder.dll in WebHancer,
> AIUI), but it's an MS-distributed dll that's perfectly legitimate.
>
> Is there a mechanism within the program itself for reporting false
> positives?
>
>
 
Reply With Quote
Reply

« navisearch and bargain buddy and cookies not found | Sig Test »
Thread Tools
Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
False positives? =?Utf-8?B?TFA=?= Spyware Discussion 4 7th Oct 2005 09:40 AM
False Positives?! Paolo Spyware Discussion 1 20th Jul 2005 12:44 AM
False Positives Heriberto Maza Spyware Discussion 1 4th Apr 2005 05:03 PM
False Positives anonymous Spyware Discussion 1 28th Jan 2005 07:45 PM
False positives Mike Ziegler Security Signatures 4 19th Jan 2005 01:11 AM


Features
Forums Startup Database Reviews Articles FAQ / Guidelines About Us
 

Advertising
 

Newsgroups
Windows Vista Windows XP Microsoft Word Microsoft DotNet Windows 2000 AntiSpyware Microsoft Access Microsoft Excel Microsoft Outlook Hardware
 


All times are GMT +1. The time now is 03:19 PM.
Powered by vBulletin®. Copyright ©2000 - 2012, Jelsoft Enterprises Ltd.
SEO by vBSEO ©2010, Crawlability, Inc.
Contact Us - Archive - Privacy Statement - Top