Sysinternals Blog
Troubleshooting Azure DevOps Pipelines with Sysinternals: Introducing the ProcDump Task

Alex_Mihaiuc (Microsoft)
Mar 20, 2025

Learn about ProcDump for Azure DevOps

Sysinternals Azure DevOps Extension

The Sysinternals ADO Task extension brings the power of Sysinternals tools directly into your Azure DevOps pipelines, enabling you to troubleshoot build and release issues.
For more information, please see the Medium article.
Published Mar 20, 2025
Version 1.0

17 Comments

  • There is some stupid kind of filtering happening on the techcommunity site. There's a bug in the April updates that broke Microsoft's Policy Analyzer and CIS' CIS-CAT Pro tool. I diagnosed the problem and my comments about it kept disappearing until I posted it as a screenshot instead of as text. Can someone at Microsoft track down who owns techcommunity and get them to fix that? Thanks.

  • Ah, I think I understand now.

    To summarize - the original VirusTotal scan you reported is https://www.virustotal.com/gui/file/4063678b979a5423445068312730cbfd549073af093db84486fa9e4fc20806c7/detection.

    Also your Reddit post - https://www.reddit.com/r/antivirus/comments/1j2s326/virustotal_relations/

    I'm checking the docs and it's unclear to me what their "Microsoft Sysinternals" package is - https://docs.virustotal.com/docs/external-sandboxes. It looks to be "Microsoft.SysInternals" from the winget community packages - https://github.com/microsoft/winget-pkgs/blob/master/manifests/m/Microsoft/Sysinternals/2025-02-13/Microsoft.Sysinternals.installer.yaml, which is a 3rd party package that does reference the official source. In this case, the first party package would be Sysinternals Suite from the Store - https://apps.microsoft.com/detail/9P7KNL5RWT25?hl=en-us, id 9P7KNL5RWT25.

    Regardless, none of the Sysinternals tools "call home". It remains to evaluate what those "Relations" / "Behavior" -> "Network comm" reports from VirusTotal mean. It seems, like NateL1010 reported, to be extra traffic from any source, as noticed within the infrastructure at the time, so possibly benign. As a note, "static" analysis as performed by a service probably can't account for all the possible network activity of a program running on a live system.

    • kn (Brass Contributor)

      Sorry, can't post my answer as text (I think your site already hates me):

      p.s.

      WTF "invalid HTML"? 🥲

      • I can understand your frustration. Keep in mind that this is a VirusTotal matter, that's why I was confused at first.

        Not sure why the techcommunity engine wouldn't let you post links. I transcribed them and added them in my first reply, and it just worked. I'll see whether I can loop someone from VirusTotal in; I don't think they're affiliated with Microsoft, but I am curious now.

        Cheers!
        Alex

  • kn (Brass Contributor)

    Hello!

    Alex, please explain why Microsoft Sysinternals is blatantly lying about the network activity of https://apps.microsoft.com/detail/xp8lvlmtsbd7wf, and what you're going to do to fix it?

    Here is an https://app.any.run/tasks/74118c4a-9139-43ab-a406-34fbfe80f8b1 — it clearly shows that my app does not connect to any third-party domains during setup or normal operation except the one explicitly specified by the user:

    [image: Teamatica]

    Yet Sysinternals, as shown on VT, makes it look like my app contacts over 20+ unrelated domains:

    [image: VT]

    But this is a complete fabrication. As a developer I officially state that no such functionality exists in the code, and I demand a full review and immediate correction of this false report:

    [image: VT]

    p.s.

    Sorry to contact you here, but my direct message via Message function doesn't work.

      • kn (Brass Contributor)

        I apologize for this format of the answer, but your idiotic resource blocks everything:


        p.s.