Many "False Positives" for older version.

[caterwaul]

Besides the CoolWWWSearch multiple "false positive" - thread link: http://forums.spybot.info/showthread...522#post212522

Please post a reply if ANY of these (listed below) are NOT considered "false positive" but it certainly looks to be the case.

I am listing what would appear to be many other "false positives" that I have in the past year or so been "fixing":

Evileye: C:\WINDOWS\APPLOG\CONFIG.LGC

This would appear to be a valid Windows application log file and not "Evileye spyware". (I restored (repaired) it).

Win32.Agent.pz: HKEY_CURRENT_CONFIG\Software\Microsoft\windows\
CurrentVersion\Internet Settings\ProxyEnable

This would appear to be the valid Windows registry setting for "Proxy" setting. I wondered why my "proxy setting" had changed awhile back in IE6. This change was unknown to me at the time and "disabled" my Web Shield Virus protection (for I'm not sure how long). System fixed this when I reset Proxy settings.

FlashDollars.AntiVirusProtection: C:\WINDOWS\Start Menu\Programs\Antivirus Protection\

This was part of what I have in my "Start Menu" (thought something was missing but wasn't sure until now). (I restored it thankfully). I was unsure about this for a long time but at some point "fixed" what was thought to be spyware by SB1.3.

NumbSoft: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\
CurrentVersion\Run\LoadPowerProfile

Power saving profile (presumable) - This appears to be reset (likely on a reboot). (I decided to leave this alone since it appeared to be okay) - it is now set at: "Rundll32.exe powrprof.dll,LoadCurrentPwrScheme"

PLEASE TELL ME IF THIS SETTING DOES NOT LOOK RIGHT FOR "LoadPowerProfile" setting!

Stration.C: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\
CurrentVersion\Run\scanregistry

I had left this for years it seems since I knew this was the "auto" registry scan register setting for Win98 but apparently I had "fixed" this (by mistake). Nevertheless my Registry is getting backed up on bootup each new day and the setting is "c:\windows\scanregw.exe /autorun" WHICH LOOKS OKAY TO ME. (since it is working and looks okay I left this alone and did not "repair" restore).

Again if any settings don't look right that I haven't change let me know.

These "False Positives" on SB1.3 have been around for a long time in some cases.

Since SB1.5.2 doesn't work on my WIN98SE (see link below for details) and you are not supporting older versions I can only hope that version 1.6 will work on WIN98SE.

http://forums.spybot.info/showthread.php?t=29644

[Yodama]

hello,

Spybot 1.3 is very outdated, at least use 1.4 if 1.5.2 or 1.6 do not run on your Win98.
Some of these false positives will resolve if you upgrade your installation of Spybot S&D. Spybot 1.3 is not capable of advanced flow control mechanism and thus will produce false positives with detection rules made for newer version of Spybot S&D.

Evileye: C:\WINDOWS\APPLOG\CONFIG.LGC

This is due to an outdated Trojans.sbi, this false positives should not occur with a current version of the Trojans.sbi.

All of the findings you reported in this thread are false positives.
But only

FlashDollars.AntiVirusProtection: C:\WINDOWS\Start Menu\Programs\Antivirus Protection\

will be resolved with the next detection update.

You can also mark these findings to be ignored in the future so Spybot S&D will not show these false positives anymore.


If Spybot 1.5.2 did not run properly on your Win98 it is possible that 1.6 will not run either. But you should give it a try to get the most recent detection updates. At least use Spybot S&D 1.4 if the newer version do not run on your system due to memory issues.
You can get Spybot S&D 1.4 here from oldversions.com

But remember if you should use an NT-based operating system (WinNT,Win2000,WinXP and newer) use the most current version of Spybot S&D to avoid damage due to incompatibilities and advanced threats.

[wyrmrider]

Hi
I'm looking at your other thread but is not the issue non removal of 1.3 due to t-timer issues ?

anyway 1.6 works for me on my W98 SE machine

let's keep the discussion on your upgrade issue in the other thread

Yodama- take a peek at the other thread
any ideas?

Cat-- did you get any more ram?

[caterwaul]

hello,

Spybot 1.3 is very outdated, at least use 1.4 if 1.5.2 or 1.6 do not run on your Win98.
Some of these false positives will resolve if you upgrade your installation of Spybot S&D. Spybot 1.3 is not capable of advanced flow control mechanism and thus will produce false positives with detection rules made for newer version of Spybot S&D.


This is due to an outdated Trojans.sbi, this false positives should not occur with a current version of the Trojans.sbi.

All of the findings you reported in this thread are false positives.
But only

will be resolved with the next detection update.

You can also mark these findings to be ignored in the future so Spybot S&D will not show these false positives anymore.


If Spybot 1.5.2 did not run properly on your Win98 it is possible that 1.6 will not run either. But you should give it a try to get the most recent detection updates. At least use Spybot S&D 1.4 if the newer version do not run on your system due to memory issues.
You can get Spybot S&D 1.4 here from oldversions.com

But remember if you should use an NT-based operating system (WinNT,Win2000,WinXP and newer) use the most current version of Spybot S&D to avoid damage due to incompatibilities and advanced threats.

Regarding: SB1.4 - The teatimer had display issues (I know there is a "fixit" patch that has been offered but I had avoided this version because this was never directly addressed by the SB programmers but instead just left for others to work around. Also a more important concern at this point is the question as to whether or not this version will be supported at all by SB going forward. There is an announcement that is confusing frankly referring to users that could not get 1.4 to work and how SB will not support older versions and then at the same time the announcement suggests that only "current" versions will be supported (what ever that means). I have requested clarification on this.

Regarding: SB1.6 - I'm willing to try it of course but I have my doubts that this will work any better considering that there are so many posts by users who have much more resources than I do and are experiencing performance issues as far as teatimer taking much to much resources and significantly slowing down their respective computers with to much process time and memory etc. I only have a 400mhz, 96RAM, PentiumII machine which is one of the reasons why I have been using SB1.3.

[caterwaul]

Hi
I'm looking at your other thread but is not the issue non removal of 1.3 due to t-timer issues ?

anyway 1.6 works for me on my W98 SE machine

let's keep the discussion on your upgrade issue in the other thread

The issue is not the "non removal of 1.3" it is only that 1.5.2 crashes my computer on shutdown with teatimer running.

I have moved this post to the other thread as you suggested.