I have been using these utilities for a while, only recently (as of Nov 30?) has Spybot (perhaps through TeaTimer) 'detected' Yobdam.ait within them.
Curiously the window popped up titled "Spybot - Search & Destroy", claiming "...has encountered & terminated a process ... listed as part of a malicious (SW)". I was the one to have closed these programs. The windows only popped up after closing the aforementioned utilities.
I am using WinXP-SP3, running FF8, Spybot 1.6.2.46, and both files have 'yobdam.ait' detected. I understand that these utilities were written using AutoIT from conversations with one author. In fact, it was through that conversation that Avira (potentially, technically malware itself - more later) corrected a false-positive of their own.Originally Posted by From 'Resident.log
*Note: I only include the preceding quote for anecdotal reasons, as i cannot directly link to this report, as it uniquely identifies me.Originally Posted by AviraVirusLabResponseTeam
1) UniExtract available here --> http://legroom.net/software/uniextract
2) FindHwids_v3.2p available here --> http://forum.driverpacks.net/viewtopic.php?id=3018
Through this experience, i have lost faith in TeaTimer/Spybot's ability to stop real malware. I still love the 'immunization' function, & I remember with fondness how Spybot found all that spyware in CreativeLabs' driver CD's (et al) years ago.
Thank you for your consideration.