False Positive Remote.exe

Jan Coulson · Jan 7, 2005

MS AntiSpyware Beta detected the RAT trojan 'Cyanure'
within a file called remote.exe (Part of Microsoft's own
Windows 2000 support tools!!)

The creation and modification dates of the file are the
same as all of the other ustilities in that folder.

On demand scans with Sophos, Trend and pestpatrol failed
to find any threat.

I am 100% sure this is a false positive.

RWS · Jan 7, 2005

Are you 100% positive that Backdoor.Cyanure isn't just
using remote.exe?

Check out #939 in the following site's list:

(You may have to copy and paste the URL)

http://www.emsisoft.com/en/support/malware/default.aspx?
showmalware=trojan

Bill Sanderson · Jan 7, 2005

What definition version were you on when this detection ocurred?

(Help, About)

I've heard reports that the current definitions (5680, but beware--the
servers may not be reachable)--no longer give this reading.

False Positive - MS Support Tool Remote.exe	0	Jan 6, 2005
4 false positives.	1	Jan 7, 2005
Doen not like Microsoft software	3	Jan 7, 2005
If you "cleaned" the false positive from 5805....	14	Feb 11, 2006
False Positive with Beast (RAT)/ImagePak	3	Feb 2, 2005
False positive	4	Mar 14, 2006
New False Positive from Spyware Doctor?	2	Feb 2, 2007
PCANDIS5.sys Trojan or False Positive?	5	Jun 28, 2008

False Positive Remote.exe

Jan Coulson

RWS

Bill Sanderson

Ask a Question

Similar Threads