PDA

View Full Version : Fixed: Possible false positive (2008-05-21 Beta.sbi)


md usa spybot fan
2008-05-21, 17:00
Possible false positive using the 2008-05-21 Includes\Beta.sbi detection rules.


--- Report generated: 2008-05-21 10:15 ---

RegistryFixIt: [SBI $4837D47B] Executable (File, nothing done)
C:\WINDOWS\unvise32.exe


--- Spybot - Search & Destroy version: 1.5.2 (build: 20080128) ---

2008-01-28 blindman.exe (1.0.0.7)
2008-01-28 SDDelFile.exe (1.0.2.4)
2008-01-28 SDMain.exe (1.0.0.5)
2008-01-28 SDUpdate.exe (1.0.8.8)
2008-01-28 SDWinSec.exe (1.0.0.11)
2008-01-28 SpybotSD.exe (1.5.2.20)
2008-01-28 TeaTimer.exe (1.5.2.16)
2008-01-31 unins000.exe (51.49.0.0)
2008-01-28 Update.exe (1.4.0.6)
2008-01-28 advcheck.dll (1.5.4.5)
2007-04-02 aports.dll (2.1.0.0)
2007-11-17 DelZip179.dll (1.79.7.4)
2008-01-28 SDFiles.dll (1.5.1.19)
2008-01-28 SDHelper.dll (1.5.0.11)
2008-01-28 Tools.dll (2.1.3.3)
2008-04-16 Includes\Adware.sbi
2008-05-21 Includes\AdwareC.sbi
2008-05-21 Includes\Beta.sbi (*)
2007-11-06 Includes\Beta.uti
2008-05-21 Includes\Cookies.sbi
2007-12-26 Includes\Dialer.sbi
2008-05-21 Includes\DialerC.sbi
2008-05-21 Includes\HeavyDuty.sbi
2008-04-30 Includes\Hijackers.sbi
2008-05-21 Includes\HijackersC.sbi
2008-04-30 Includes\Keyloggers.sbi
2008-05-21 Includes\KeyloggersC.sbi
2008-05-21 Includes\Malware.sbi
2008-05-21 Includes\MalwareC.sbi
2008-03-26 Includes\PUPS.sbi
2008-05-21 Includes\PUPSC.sbi
2008-05-21 Includes\Revision.sbi
2008-01-09 Includes\Security.sbi
2008-05-21 Includes\SecurityC.sbi
2008-04-16 Includes\Spybots.sbi
2008-05-21 Includes\SpybotsC.sbi
2008-04-16 Includes\Spyware.sbi
2008-05-21 Includes\SpywareC.sbi
2007-11-06 Includes\Tracks.uti
2008-05-21 Includes\Trojans.sbi
2008-05-21 Includes\TrojansC.sbi
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll
I submitted the C:\WINDOWS\unvise32.exe file to both of the followibg online scanners and received no indication of a problem:
Online malware scan (http://virusscan.jotti.org/) (virusscan.jotti.org)
VIRUSTOTAL - Free Online Virus and Malware Scan (http://www.virustotal.com/en/indexf.html) (Virustotal.com)
I will send the file to detections(at)spybot.info referencing this thread.
MisterW
2008-05-23, 11:52
Hello md usa spybot fan,
thanks for reporting that false positive. It will be fixed with the next update scheduled for Wednesday.

regards
Markus
Crystal Sky
2008-05-24, 15:52
Did not see this thread before I posted. Thanks for the update.
md usa spybot fan
2008-05-28, 15:31
MisterW (Markus):
et al.:

The detection no longer occurs with the 2008-05-28 updates.

Thank You,
md usa spybot fan
insomnia
2008-06-12, 20:20
I just got it :(

I have the latest version and have used updates before running scan and I immunised also


I am glad, at least it is a false positive
md usa spybot fan
2008-06-12, 20:45
insomnia:


... I am glad, at least it is a false positive
It may not be.

The detection that I received and was determined to be a false positive has not reoccurred for me since the 2008-05-28 updates with either the production sbi files nor the beta sbi files.

To help start determining if there is another false positive associated the unvise32.exe file or if the detection that you received is actually a legitimate detection of malware, please post the actual detection you are getting. Easiest way to do that is: Run another scan.
When the scan completes, right click on the results list, select "Copy results to clipboard".
Then paste (Ctrl+V) those results to a new post in this thread.