Results 1 to 6 of 6

Thread: Are these False detection results from Spybot - Search & Destroy

  1. #1
    Junior Member
    Join Date
    Nov 2018
    Posts
    3

    Default Are these False detection results from Spybot - Search & Destroy

    Hi, Are these 2 items in blue False detection results from Spybot - Search & Destroy.(free)
    Thanks for any help
    Karmar

    Operating System;- Windows 10 - Pro 64-bit
    Browser and Version;- Firefox Quantum 63.0.3 (64-bit)
    Version of Spybot;- version 2.7.64.0
    Malware Scanner;- 2.7.64.191
    where did the false positive occur;- Scan result

    Search results from Spybot - Search & Destroy

    26-Nov-18 9:32:53 PM
    Scan took 00:22:40.
    5 items found.


    Win32.Small.azl: [SBI $99B4BE91] Autorun settings () (Registry Value, nothing done)
    HKEY_USERS\S-1-5-21-198702542-466784759-2265100332-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
    Category=Trojans
    ThreatLevel=10
    Weblink=http://forums.spybot.info/showthread.php?39090


    Win32.Small.azl: [SBI $99B4BE91] Program file (File, nothing done)
    C:\Program Files\RogueKiller\RogueKiller64.exe
    Category=Trojans
    ThreatLevel=10
    Weblink=http://forums.spybot.info/showthread.php?39090
    Properties.size=33270840
    Properties.md5=13265EF9DC3F0DFA85146489D34746A4
    Properties.filedate=1542810602
    Properties.filedatetext=2018-11-21 14:30:02


    MS Regedit: [SBI $C3B62FC1] Recent open key (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-198702542-466784759-2265100332-1001\Software\Microsoft\Windows\CurrentVersion\Applets\Regedit\LastKey
    Category=Tracks
    ThreatLevel=2
    Weblink=http://forums.spybot.info/forumdisplay.php?54

    Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources
    Category=Tracks
    ThreatLevel=2
    Weblink=http://forums.spybot.info/forumdisplay.php?54

    Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources
    Category=Tracks
    ThreatLevel=2
    Weblink=http://forums.spybot.info/forumdisplay.php?54


    --- Spybot - Search & Destroy version: 2.7.64.131 DLL (build: 20180214) ---

  2. #2
    Junior Member
    Join Date
    Nov 2018
    Posts
    3

    Default

    Any have an answer for this?

    Anyone else use RogueKiller 64bit and get these results when running Spybot - Search & Destroy.

    Karmar

  3. #3
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,282

    Default

    Hello Karmar,

    I did link the team to your topic, I will check back.

    Thank you for reporting.
    Microsoft MVP Reconnect 2018
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

  4. #4
    Member of Team Spybot roberto's Avatar
    Join Date
    Oct 2005
    Posts
    59

    Default Resolved with updates from 2018-11-28

    Hello Karmar,

    we updated the signatures for Win32.Small.azl today. RogueKiller64.exe should not be triggered anymore.

    Thanks for reporting this issue.

    Kind regards,
    Roberto.
    Please help us improving Spybot and download our distributed testing client.

  5. #5
    Junior Member
    Join Date
    Nov 2018
    Posts
    3

    Default

    Hi Roberto,
    Just to let you know it's Still the same, no change from my first post.
    Run update and system scan several times to check.

    Karmar

    Search results from Spybot - Search & Destroy

    02-Dec-18 1:35:08 PM
    Scan took 00:24:44.
    4 items found.


    Win32.Small.azl: [SBI $99B4BE91] Autorun settings () (Registry Value, nothing done)
    HKEY_USERS\S-1-5-21-198702542-466784759-2265100332-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
    Category=Trojans
    ThreatLevel=10
    Weblink=http://forums.spybot.info/showthread.php?39090

    Win32.Small.azl: [SBI $99B4BE91] Program file (File, nothing done)
    C:\Program Files\RogueKiller\RogueKiller64.exe
    Category=Trojans
    ThreatLevel=10
    Weblink=http://forums.spybot.info/showthread.php?39090
    Properties.size=33280568
    Properties.md5=D6E61547397F54CF7C2BE54040EDF40B
    Properties.filedate=1543336694
    Properties.filedatetext=2018-11-27 16:38:14

    Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources
    Category=Tracks
    ThreatLevel=2
    Weblink=http://forums.spybot.info/forumdisplay.php?54

    Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources
    Category=Tracks
    ThreatLevel=2
    Weblink=http://forums.spybot.info/forumdisplay.php?54

    --- Spybot - Search & Destroy version: 2.7.64.131 DLL (build: 20180214) ---

  6. #6
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,282

    Default

    Hello Karmar,

    The rule has been removed from the database so if you have updated it shouldn't be detected.

    Best regards.
    Microsoft MVP Reconnect 2018
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •