View Full Version : Dialer_XX

2006-01-15, 04:21
Well, this one is old, maybe six months or more and it's still wrong.
I ran at this time Spybot and it found Dialer_XX.
When I saw the file it has found, I knew it was wrong. It says
Autostart file:
g:\winnt\profiles\all users\start menu\programs\startup\wordspring.lnk
It turns out that such file is exactly a shortcut for Alcoda Software's Word Spring application:
I purchased this utility two years ago and I'm happy with it. As you see, the problem is not the program itself (that's an English dictionary I use because my native language is not English) but the shortcut. Thinking it was infected, I deleted it and created a new shortcut. Same flaw. After some weeks, I contacted Safer Networking by email and I remember a woman replied asking me for the file. I took care to send THE LNK ITSELF AND NOT THE PROGRAM but Spybot continued complaining against it. One month afterwards, I contacted the same email address where I was asked to send the file and never got an answer. Several months have passed, I've updated Spybot's signatures countless times and it still flags the Windows shortcut as Dialer_XX. Is there anyone at Safer Networking interested in fixing this false positive?



2006-01-15, 05:04
Hello cvalde.
I will bring this topic to Team's attention, thank you for reporting. :)

2006-01-16, 12:09
Hello cvalde,

please send us the "wordspring.lnk" for further investigations to detections(at)spybot.info with the subject "Dialer_XX - further investigation".


2006-01-19, 08:03
Thanks, I forgot to reply here (in case it's necessary) that I already sent the file one day ago.


2006-01-19, 12:08
Thanks for sending the file. We found the reason for this false positive. The fix will be available in the next update which is scheduled for tomorrow. ;)