False Positive

[Jay]

After updating spyware definitions to 5753, I'm now getting
the IBIS Toolbar Adware detected at location
C:\windows\unvise32qt.exe.

Unvise32qt.exe in c:\windows is in fact, the uninstaller
for Quicktime 5 (and possibly later versions as well).

I've run adaware, spybot, spyweeper and a-squared and none
of them flagged this file as malware nor do they find any
malware whatsoever on my system.

This is a false positive. Does this need to be reported
somewhere besides this newsgroup?

 

[Seagal]

Unvise32qt.exe in c:\windows is in fact, the uninstaller
for Quicktime 5 (and possibly later versions as well).

also quicktime 6.x

 

[AndyManchesta]

Thanks for the report Jay

I agree its a false positive so I'm sure it will be
addressed by the next definition release, Its a Vise
uninstaller file like you say and I cannot see any
connection with this filename and IBIS plus IBIS is a
pain to remove and brings alot more to the system than
one file so thanks for posting about this,

I have a feeling there will be alot more posts about
unvise32qt.exe in the next few days on here. I dont think
you need to report it anywhere else, Alot of respected
MVP's use these groups so Im sure its already caught
thier attention and has been passed back to the MSAS
team.

Regards

Andy

 

[Guest]

I agree its a false positive so I'm sure it will be
addressed by the next definition release, Its a Vise
uninstaller file like you say and I cannot see any
connection with this filename and IBIS plus IBIS is a
pain to remove and brings alot more to the system than
one file so thanks for posting about this,

why MSAS doesn't have an hashset for the files in order to
kill the false positive? it's not goood catch a false
positive only because the same name of another trojan