while i was cleaning out all of the old logs from the SB distributed testing client i went into the includes folder and noticed that the file extension was the same as SB SD so i copied the files into the SB SD includes folder and did a scan with only the the new files and something was detected so i clicked fix and then rescanned to see if was gone and sure enough it was here is a screenshot i took.http://img231.imageshack.us/img231/2127/testkp0.png (http://img231.imageshack.us/my.php?image=testkp0.png)

In general, SDDT rules are read only - they're for early testing, would not want false positive trouble there ;)
Still, they're very similar, you guessed right there :)

If that is the case here, I'm not sure, one of our detectives who has written or reviewed those rules will have to say.

well in that case i will not do that again just to be on the safe side