MS Anti Spy anomaly.

Discussion in 'other anti-malware software' started by Arup, May 23, 2005.

Thread Status:
Not open for further replies.
  1. Arup

    Arup Guest

    I use MS Anti Spyware along with Ad Aware from time to time as a scanner. I decided to scan my system after upgrading to the latest signature for my MS Anti Spy, it detected a so-called RAT which turns out to be the latest MS Win2K Support Tool downloaded from MS's site last week.

    Check out the attached image.
     

    Attached Files:

  2. Stephanos G.

    Stephanos G. Registered Member

    Joined:
    Mar 29, 2005
    Posts:
    720
    Location:
    Cyprus
    hmmm are you sure for this?
     
  3. Arup

    Arup Guest

    Absolutely sure, checked the folder as well and also scanned with Spybot and Ad Aware.
     
  4. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Submit the file for analysis over here and keep us informed about the result ;) . In case it's not a false postive, give one of the cleaners mentioned over here a try.

    regards.

    paul
     
  5. Arup

    Arup Guest

    Kaspersky declared it clean, also Avast and Anti Vir.
     
  6. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Fairly sure a false positive - at least as fro Cyanure. IN MS Antispyware, you can go to tools > suspected spyware report and inform MS about it.

    regards,

    paul
     
  7. Arup

    Arup Guest

    Thanks Paul, will do, it is ironic as MS is detecting its own software as a spyware when other 3rd party apps clear it.
     
  8. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    7,927
    Location:
    The land of no identity :D
    Hehe....MS does strange things, dont even try to understand why :ninja:
     
  9. gerardwil

    gerardwil Registered Member

    Joined:
    Jan 17, 2004
    Posts:
    4,748
    Location:
    The Netherlands
    Maybe the description is right? ;)
     
  10. Stephanos G.

    Stephanos G. Registered Member

    Joined:
    Mar 29, 2005
    Posts:
    720
    Location:
    Cyprus
    Possible the description to be right.
     
  11. TheQuest

    TheQuest Registered Member

    Joined:
    Jun 9, 2003
    Posts:
    2,301
    Location:
    Kent. UK by the sea
    Hi, gerardwil

    Are you sure only Maybe? :rolleyes:

    Take Care,
    TheQuest :cool:
     
  12. Arup

    Arup Guest

    If you mean by description that the MS remote.exe is a RAT, it is quite contradictory, it came with MS tools downloaded from MS site so I find it highly unlikely plus you will see that scans with major AV have pronounced it to be safe, also, at no point does my firewall or TCP View detect any suspicious activity emanating from that file.
     
Loading...
Thread Status:
Not open for further replies.