MS AntiSpyware says a lot of processess are spyware. Is this true?

I've run Microsoft AntiSpyware a couple of times and it shows lots of processess I've always thought were safe to be "a known spyware free process that uses autostart properties to run." Processess like fast.exe, InCD (Nero) and some others I have deleted...

Now, should I trust MS AntiSpyware? You know, it' a beta version... (Beta1). In other words, can I safely remove files/processes this software indicates as spyware?

Thanks,

Lincoln
LincolnCarvalhoAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

greyknight17Commented:
Hi Lincoln, yes MS AntiSpyware seems to be catching some false positives.  I seen one user who said it catches Firefox as being a threat also.

What I recommend is checking out what it found first.  If it's something you recognize like Nero, I would ignore it's warning.

Not sure if you have these installed already, so here are other spyware removal programs:

Please download Ad-aware SE (http://www.lavasoftusa.com) and install it if you don't have it already.  Make sure it's the newest version and check for any updates before running it.  Go to http://www.lavasoftusa.com/software/addons/vx2cleaner.shtml to get the plug-in for fixing VX2 variants.  To run this tool, go into Ad-aware->Add-ons and select VX2 Cleaner.  Then click Run Tool and OK to start it.  If it's clean, it will say Status System Clean.  Otherwise, you will have to click on the Clean button to remove the VX2 infection.  Run the scan and fix everything that it finds.

Download and install Spybot S&D (http://security.kolla.de/).  Run Spybot and click on the 'Search for Updates' button.  Install any updates that are available.  Next click on the 'Check for Problems' button.  Let it run the scan.  If it finds something, check all those in RED and hit the 'Fix Selected Problems' button.  Exit Spybot.  If you keep getting the DSO Exploit entries, even after you updated Windows and fixed them, then download the Spybot DSO Exploit Fix (http://majorgeeks.com/download4392.html) and install it over the current Spybot installation.

This one below is specifically made to remove the CoolWebSearch infections.

Download CWShredder (http://www.greyknight17.com/spy/CWShredder.exe) and run it.  Click on 'I Agree' button if you agree with it.  Click on 'Fix' (it will automatically fix anything it finds for you) and OK.  If it asks if you want to delete a certain random file, choose No and post that filename here.  Let it finish the scan and then hit Next and Exit.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
mugman21Commented:
like greynight was saying, you need to be very careful deleting things it detects. I use BearShare sometimes, killed all the spyware that came with it, but since it comes with spyware the actual app was listed as spyware.

The things it finds, if your not familuar with the file name, usually putting the full filename threw google will tell you what the file is and more than likely where you got it from.

Mugman
0
Rich RumbleSecurity SamuraiCommented:
I recommend Ad-Aware as well from lavasoft... M$ seems to be playing favorites these days, as I've seen it also detect FireFox as spyware, and the install was very new... I think they may actually be targeting legit programs, and or there are many FP's right now. Giant's spyware was very good before M$ bought them...
http://www.computing.net/windowsxp/wwwboard/forum/128906.html
http://www.ignition-project.com/node/376  (they are one to talk... see the screen shot and description)
-rich
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
OS Security

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.