FP? Zlob.DNSChanger.Rtk



mvjordan
2008-01-15, 09:46
Hi, I may have a False Positive.

- Windows XP Professional
- IE 7
- Firefox 2.0.0.8
- I am running SpybotSD 1.5.1.15.
- I have downloaded all updates and been fully immunized.
- I ran Spybot in Safe Mode and the result is the same.

The FP occurs after a fix of the Scan result. The symptoms have been cleaned (see thread "Zlob.DNSChanger.Rtk constantly appears after removal by Spybot" in malware removal forum) but I still see the entry when I scan with SpybotSD:

--- Search result list ---
Zlob.DNSChanger.Rtk: [SBI $FE3023DF] Settings (Registry value, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\System=...KDTKZ.EXE...


A Smitfraud scan after the cleaning process did not find the previously present process: KDTKZ.EXE. But Spybot does??

MisterW
2008-01-15, 13:32
Hello,
Would it be possible for you to send us the file KDTKZ.EXE at detections(at)spybot.info? (at=@) Then we could have a look at it.

regards,
Markus

mvjordan
2008-01-16, 08:48
Hi,

This is the link to the cleaning thread in Malware removal...
Zlob.DNSChanger.Rtk... (http://forums.spybot.info/showthread.php?t=22391)

I have sent a screenshot of regedit with the key in question, and the version of the file that Backlight renamed .ren ...