Page 4 of 5 FirstFirst 12345 LastLast
Results 31 to 40 of 41

Thread: right click scanning of spybot detects smitfraud c all over the place!

  1. #31
    Junior Member
    Join Date
    Mar 2008
    Location
    USA
    Posts
    6

    Default All False Positives in MSDOS Files Fixed

    I want to report that with the definition updates on July 16, all false positives for Heuristic right-click scans are fixed, as regards my saved MSDOS 6.22 .com and .exe files.

    Thank you
    Submitted IMHO, by Wiz!

  2. #32
    Senior Member Yodama's Avatar
    Join Date
    Oct 2005
    Location
    Buchenheim
    Posts
    1,110

    Default

    Quote Originally Posted by robertlee View Post
    The malware scan shows nothing found; the heuristic scan shows the red caution symbol at: nsDefaultCLH.js __ Win32. Zhelatin.VG
    Thank you for reporting this, this false positive will be fixed with the next update of the trojans.sbi which is scheduled for today ( Wednesday ).

    Also thanks to everyone else for feedback and reporting the other false positives.
    born in the shadow to die in the shadow, that is the fate of the shinobi

    Spybot S&D Downloads

    Please help us improve Spybot and download our distributed testing client.

  3. #33
    Junior Member
    Join Date
    May 2008
    Location
    MO USA
    Posts
    2

    Default Mozhelatin

    Spybot v1.6 found what I hope is a false indication within Mozilla Firefox
    v3.0.1 installer package.

    I sometimes unzip installer packages and scan the contents.
    Spybot did not report this before expanding the installer.

    "Firefox Setup 3.0.1.exe\nonlocalized\components\nsDefaultCLH.js"
    was marked as Win32.Zhelatin.vg by Spybot Heuristics.

    MD5 for this file downloaded from Mozilla.org on 07/22/08-
    (using MD5 Summer) acf41e73a9844a3f6410017f09c849al

    I read recently that Firefox is now a mild form of spyware for Mozilla.org.

  4. #34
    Senior Member Yodama's Avatar
    Join Date
    Oct 2005
    Location
    Buchenheim
    Posts
    1,110

    Default

    Hello,

    this is a false positive of the heuristics scan which was also addressed here

    It has been fixed with the latest detection updates released this Wednesday.
    born in the shadow to die in the shadow, that is the fate of the shinobi

    Spybot S&D Downloads

    Please help us improve Spybot and download our distributed testing client.

  5. #35
    129260
    Guest

    Lightbulb hey yodama,

    I just wanted to report that now all my issues are fixed with the right click scanning now. I have yet to see any more problems with the latest updates. I will report if anything changes. Thanks so much!

  6. #36
    Junior Member
    Join Date
    Aug 2008
    Posts
    2

    Default zlib.dll - False Positive?

    When I single scan my Blender folder, I get the following information:

    Zlib.dll GuardianMonitor
    This is under the Heuristic section only.

    A regular scan with SpyBot does not show this.
    My other security software does not show this.
    Is this a false positive?

    Windows Defender
    Adaware 2008
    AVG (paid version)
    Windows XP Pro sp3
    Internet Explorer 7, FireFox latest version
    Latest spybot 1.6

    Thank You.

  7. #37
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,714

    Default

    Hello,

    Please follow instructions here How to report False Positives

    Thank you.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

  8. #38
    Junior Member
    Join Date
    Aug 2008
    Posts
    2

    Default

    Thank you for the quick reply.
    I am sorry but I do not understand the information you requested.
    I have read the page suggested and have all the information that I can find.
    The single file scan does not produce a log of any of its findings. I can find the regular scan log easily, but no trace of the single file/folder scan. The window also does not allow me to do anything about the stated file, such as fixing the problem.
    Again, this happens when I right click and scan a single folder. The screen that I see has a red X in front of the file, zlib.dll.
    Under “status”, it states it is a “GuardianMonitor”.
    Could you please tell me what other information I can give to find out is this is a threat or a false positive.
    Thank you for your time.

  9. #39
    Senior Member Yodama's Avatar
    Join Date
    Oct 2005
    Location
    Buchenheim
    Posts
    1,110

    Default

    hello,

    this is a false positive with the heuristics part of the single file scanner. It will be corrected with the next update.
    born in the shadow to die in the shadow, that is the fate of the shinobi

    Spybot S&D Downloads

    Please help us improve Spybot and download our distributed testing client.

  10. #40
    Junior Member
    Join Date
    Nov 2007
    Posts
    16

    Question 2 serious FPs found on 2 legit apps on Flash drive S&D context scan

    Windows XP Professional SP-3
    FireFox 3.0.1
    Spybot S&D 1.6 update: 2008-08-27

    Found on the right-click Spybot scan (context scan I think) of my usb flash drive

    1. FixPolicies.exe, found here - http://cid-6aaab341ce47c5c2.skydrive.live.com/self.aspx/Public/FixPolicies.exe, was found under Spybot - Search & Destroy (Heuristic) as Virtumonde.

    2. DCProSetup.exe, found here - http: //downloads.guru3d.com/download.php?det=745#download, was found under Spybot - Search & Destroy (Heuristic) as SpyFalcon.

    Nothing was fix or deleted, they were just detected in the right-click Spybot scan and seemed to worry me, cause those are 2 very nasty things to have been detected.
    Last edited by tashi; 2008-08-29 at 05:13. Reason: disabled links

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •