Trend Micro - AdWare Alert for msinet.ocx

G

Guest

Get the following alert when running a scan with Trend Miro Anti-Spyware 3.5.

Assuming a false positive. Anyone disagree? Anyone at Microsoft want to
discuss with Trend Micro?

Detials below:

Name: Adware_XLocator
Trend Miro Database ID: 96099
Registry path:
SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/System32/msinet.ocx

Description: Privacy threats can create entries in your registry, so that
they can store such things as configuration and personal information.

Threat: AdWare
Description: AdWare is a type of software that displays advertisements on
the computer screen while a computer is running. Typically, AdWare is built
into software that performs some other primary task such as file sharing.
The justification for AdWare is for the software developer to recover
revenue via advertising instead of for instance charging for their software.
Some Adware will collect the computers usage information (e.g. sites visited)
and send it up to a remote server on the internet where it is collected and
processed for marketing purposes.
 
D

David H. Lipman

From: "Tim" <[email protected]>

| Get the following alert when running a scan with Trend Miro Anti-Spyware 3.5.

| Assuming a false positive. Anyone disagree? Anyone at Microsoft want to
| discuss with Trend Micro?

| Detials below:

| Name: Adware_XLocator
| Trend Miro Database ID: 96099
| Registry path:
| SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/System32/msinet.ocx

| Description: Privacy threats can create entries in your registry, so that
| they can store such things as configuration and personal information.

| Threat: AdWare
| Description: AdWare is a type of software that displays advertisements on
| the computer screen while a computer is running. Typically, AdWare is built
| into software that performs some other primary task such as file sharing.
| The justification for AdWare is for the software developer to recover
| revenue via advertising instead of for instance charging for their software.
| Some Adware will collect the computers usage information (e.g. sites visited)
| and send it up to a remote server on the internet where it is collected and
| processed for marketing purposes.



Please submit a sample of "msinet.ocx" to Virus Total --
http://www.virustotal.com/flash/index_en.html
The submission will then be tested against many different AV vendor's scanners.
That will give you an idea what it is and who recognizes it. In addition, unless told
otherwise, Virus Total will provide the sample to all participating vendors.

You can also submit a suspect, one at a time, via the following email URL...
mailto:[email protected]?subject=SCAN

When you get the report, please post back the exact results.
 
G

Guest

Clean - Results below

Complete scanning result of "MSINET.OCX", received in VirusTotal at
12.30.2006, 19:50:47 (CET).

Antivirus Version Update Result
AntiVir 7.3.0.21 12.30.2006 no virus found
Authentium 4.93.8 12.30.2006 no virus found
Avast 4.7.892.0 12.30.2006 no virus found
AVG 386 12.30.2006 no virus found
BitDefender 7.2 12.30.2006 no virus found
CAT-QuickHeal 8.00 12.30.2006 no virus found
ClamAV devel-20060426 12.30.2006 no virus found
DrWeb 4.33 12.30.2006 no virus found
eSafe 7.0.14.0 12.30.2006 no virus found
eTrust-InoculateIT 23.73.102 12.30.2006 no virus found
eTrust-Vet 30.3.3289 12.29.2006 no virus found
Ewido 4.0 12.30.2006 no virus found
Fortinet 2.82.0.0 12.30.2006 no virus found
F-Prot 3.16f 12.30.2006 no virus found
F-Prot4 4.2.1.29 12.30.2006 no virus found
Ikarus T3.1.0.27 12.30.2006 no virus found
Kaspersky 4.0.2.24 12.30.2006 no virus found
McAfee 4929 12.29.2006 no virus found
Microsoft 1.1904 12.30.2006 no virus found
NOD32v2 1949 12.30.2006 no virus found
Norman 5.80.02 12.29.2006 no virus found
Panda 9.0.0.4 12.30.2006 no virus found
Prevx1 V2 12.30.2006 no virus found
Sophos 4.13.0 12.30.2006 no virus found
Sunbelt 2.2.907.0 12.18.2006 no virus found
TheHacker 6.0.3.139 12.29.2006 no virus found
UNA 1.83 12.29.2006 no virus found
VBA32 3.11.1 12.30.2006 no virus found
VirusBuster 4.3.19:9 12.30.2006 no virus found

Aditional Information
File size: 132880 bytes
MD5: 90a39346e9b67f132ef133725c487ff6
SHA1: 9cd22933f628465c863bed7895d99395acaa5d2a
 
D

David H. Lipman

From: "Tim" <[email protected]>

| Clean - Results below

< snip >

Yepper, a False Positive !

Use the following email URL to send Trend Micro a message.
mailto:[email protected]?subject=virus%20-%20False%20Positive

Explain that Trend Miro Anti-Spyware 3.5. is falsely eclaring the OCX file as malware.

Attach the "msinet.ocx" in a password protected ZIP file with the password being; infected
{ password = infected }

Also in the body of the email paste the contents of the clean Virus Total report.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

2008 Trend Micro Internet Security is NOT is compatible with WindowsVista SP1 and Windows XP SP3 1
2008 Trend Micro Internet Security is NOT is compatible with WindowsVista SP1 and Windows XP SP3 12
Did I put a hole in my Trend Micro security wall? 1
MS AS, Adware, & Spybot on "clean" system 1
WildMedia.OverPro 5
threats return after restarting the system 1
VIRUS ALERT!!! and ways to protect your pc 16
virtumondo adware - does this info help? 11

Top