Main Page 
PC Review
Forums
Newsgroups
Microsoft AntiSpyware
Security Signatures
4 false positives.
Forums
Newsgroups
Microsoft AntiSpyware
Security Signatures
4 false positives.
 |
4 false positives. |
|
|
Thread Tools | Rate Thread |
07-01-2005, 02:09 AM
|
#1 |
|
Guest
Posts: n/a
|
4 false positives.
It claimed that tapicfg was CoolWebSearch. It isn't (at least, the file it
found isn't, maybe CWS has something of the same name). It's part of Windows Server 2003. The default is to remove this (which for CWS makes sense...) but it shouldn't be touching it. It similarly claimed that remote.exe in the Win2K Support Tools is malicious. It's claiming it to be Cyanure or somesuch. It's not. It is a tool that could be used for nefarious things (it's a remote control tool), but it's not ipso facto malicious. Detecting it as an enabler would be reasonable, perhaps. It believed tvenuax.dll from an (ancient) version of Lernout and Hauspie TruVoice to be WhenU.SaveNow, which again is not the case. Finally, it detected sporder.dll from SafeTP as part of WebHancer. Again, it ain't. Potentially it can be (there is a sporder.dll in WebHancer, AIUI), but it's an MS-distributed dll that's perfectly legitimate. Is there a mechanism within the program itself for reporting false positives? |
|
|
08-01-2005, 03:41 AM
|
#2 |
|
Guest
Posts: n/a
|
Re: 4 false positives.
This is the place to report false positives.
"Dr Pizza" <drpizza@quiscalusmexicanus.org> wrote in message news:ec6Oh4F9EHA.2532@cpmsftngsa05.privatenews.microsoft.com... > It claimed that tapicfg was CoolWebSearch. It isn't (at least, the file > it > found isn't, maybe CWS has something of the same name). It's part of > Windows Server 2003. The default is to remove this (which for CWS makes > sense...) but it shouldn't be touching it. > > It similarly claimed that remote.exe in the Win2K Support Tools is > malicious. It's claiming it to be Cyanure or somesuch. It's not. It is > a > tool that could be used for nefarious things (it's a remote control tool), > but it's not ipso facto malicious. Detecting it as an enabler would be > reasonable, perhaps. > > It believed tvenuax.dll from an (ancient) version of Lernout and Hauspie > TruVoice to be WhenU.SaveNow, which again is not the case. > > Finally, it detected sporder.dll from SafeTP as part of WebHancer. Again, > it ain't. Potentially it can be (there is a sporder.dll in WebHancer, > AIUI), but it's an MS-distributed dll that's perfectly legitimate. > > Is there a mechanism within the program itself for reporting false > positives? > > |
|
|
|
|
| Thread Tools | |
| Rate This Thread | |
|
|
