Norton Anitvirus labels spybot/blindman.exe as trojan?

[Bracken]

Hello I am sorry if this is asked alot, but i searched and could not find an answer.

I have had NAV and SB search and destroy both installed on my pc for close to a year now, then all of a sudden this morning when i booted NAV claimed that SB's blindman.exe was a trojan and attempted to remove it. Now i cannot run spybot search and destroy

Anyone have any idea's on what i should do? I don't use computers much and would be very thankful if someone could point me in a starting direction

Thank you for reading,
Bracken

[md usa spybot fan]

The problem should be reported as a false positive to Symantec for resolution.

Background information:

• What is blindman.exe for?
  http://www.safer-networking.org/inde...=faq&detail=25

[Bracken]

hi,
Thank you very much for taking the time to respond. I managed to get it sorted by reinstalling Spybot again. I will go make that report now. Once again thank you for your help.

[Confused1-SSDv1.3]

Thank you for posting this problem Bracken, I was searching for this exact question.

Thank you for your very concise & helpful answer md usa spybot fan.

For others information it also applies to SS&D v 1.3 as a false positive although v1.3 still functions with "blindman,exe" quarantined.

It wasn't until I checked the report that I realised where the so called trojan resided & reinstated it - 1.3 still updated while informing me that Blindman had been corrupted ( while it was still in quarantine )

Have run SS&D since 2003 when I first got this Pc & learned of it, am running norton's systemworks 2003 & NIS 2005 - never had a problem with compatibility until this last AV update 30-05-2007. There was another update from them today, perhaps they've fixed the false positive now?

I hadn't realised how erm, "uncompromising" symantec has become & am disgusted at their reluctance to respect how vital SS&D is to the home user ( in particular) or how trusted Spybot has proved itself through the many years it has protected users!

Rethinking next renewal or update of "paid for" product now & updating spybot to 1.4 when new drive is intalled in very near future.

Safe Surfing
Confused1-

[BloomKitty]

Same thing happened to me yesterday, after a Norton AV live update of virus definitions.

Very interesting -- perhaps Symantec is just fighting dirty against a worthy (and free) competitor. Blindman.exe isn't a threat to our PC's, Spybot is the threat to Symantec.

Verrrrrry interesting........

-Mary

[md usa spybot fan]

BloomKitty (Mary):

I certainly wouldn't assume that Symantec is just fighting dirty against competitor. Unfortunately false positives (if that is what it truly is) also occur in Spybot-S&D.

Et Al:

BloomKitty also has another thread that they started in the New or undetected forum:

• Blindman.exe a Trojan Horse?
  http://forums.spybot.info/showthread.php?t=14335

[Bracken]

Sorry i did not realise but I was also running 1.3 and it was upgrading to 1.4 which stopped it.
So It seems maybe it was just the 1.3 version of blindman.exe which Nortan mistaked?

[AplusWebMaster]

FYI...

- http://isc.sans.org/diary.html?storyid=2897
Last Updated: 2007-05-31 19:09:25 UTC ~ "We have received a couple of reports that Symantec Antivirus triggers on the file 'blindman.exe', part of the SpyBot Search & Destroy package. Apparently only the file included with version 1.3 was detected as a trojan, not the one included with the more recent version 1.4. Symantec has confirmed this issue occurred in the 05/30/2007 rev.020 Intelligence Update and LiveUpdate definitions. They've made available Rapid Release definition build 69173 (extended version 05/30/2007 rev. 035) to resolve the issue. LiveUpdate definitions that correct the issue were also published, version 90530ao (Sequence number: 69179; extended version 05/30/2007 rev.041)."

.