MBAM and RemoveWGA

Hi,

Suddenly Malwarebytes' Anti-Malware is giving this warning on RemoveWGA:
D:\RemoveWGA\Version 1_1\RemoveWGA.exe (HackTool.RemoveWGA)

RemoveWGA was made in the past by gkweb, see:
https://www.wilderssecurity.com/showthread.php?t=135257

I know that gkweb later removed his tool.
And I understand that.

(Please note that I have a legit Windows !!!)

I'm just wondering why MBAM is suddenly now giving a warning about it.
And why, if MBAM wants to do that, it is only giving a warning on version 1.1 and not on 1.02 or 1.2

 

A question that only MBAM can answer accurately?
Did you report false positive?
And why not get just get rid of the old version?

 

From the detection name it does not look like a FP

 

It's a tool to crack Windows 7 Activation. By Removing it all together. This thing has been floating around for a wile now. Aslo Mbam also detects Windows XP Activation cracks as I.Stole.Windows. You don't know how many keys I had to order for customers just because there windows was not Legit.

 

Hi FanJ,

If you believe it to be a F/p then we have a channel to review files/and or detections
http://forums.malwarebytes.org/index.php?showforum=42

Just out of curioisty what is VT saying about the tool ?
http://www.virustotal.com/

 

You cant post VT logs here but you can post how to look them up without the actual file .

Google for "RemoveWGA.exe" in advanced mode on domain virustotal.com , the answer is there .