SpyBot False Positive

[Guest]

SpyBot False Positive

I've found a false positive in Spybot Search and Destroy while running a
full scan this weekend.

It detects the following as AntiSpyWare2007:

Cookie:
(e-mail address removed)/

Bookmarks:
http://www.superantispyware.com/definitions.html
http://forums.superantispyware.com/
http://www.superantispyware.com/scr...tid=CSR0004xxxx&[email protected]
http://www.superantispyware.com/scr...tid=CSR0005xxxx&[email protected]
http://www.superantispyware.com/scr...tid=CSR0006xxxx&[email protected]
http://www.superantispyware.com/scr...tid=CSR0004xxxx&[email protected]

the "ticket ids" and my email address are of course obfuscated

Now, while I may not be the biggest fan of SuperAntiSpyWare, I certainly
don't consider them to be malware, unless of course SaferNetworing knows
something I don't

So detecting bookmarks and cookies from SuperAntispyware.com is obviously an
error.
If someone in the group has some contact with Spybot S&D could you let them
know.

Thanks,
?
Tim

 

[Guest]

Tim, I'm a little confused - I have Spybot S&D and SuperAntiSpyware both
installed and run them regularly and I have no false positives - or any
indication of problems. I wond why you do and I don't? My versions
installed are:

Spybot S&D Version 1.4 Definitions 2007-05-09

SuperAntiSpyware Version 2.7.1018 Core 3237 definitions

 

[Guest]

Obviously I can't type today - my post should have read as below

 

[Guest]

John,

SB S&D is NOT detecting SASW as a problem.
It is detecting cookies and bookmarks to the SASW site as problems.

If you want to test it you could go to:
http://www.superantispyware.com/definitions.html
http://forums.superantispyware.com/

and bookmark them in IE (I use 6).
then run SB S&D to see what it finds.

This assumes of course that you have SB S&D set to check bookmarks
(favorites) and cookies

?
Tim

 

[Guest]

I do have it set to test bookmarks. I will set SuperAntiSpyware as bookmark
and test it - thanks.

 

[Guest]

Not sure what is going on, Tim - I set the two URL's you specified as
favorites in IE7 and then ran Spybot S&D (twice) with no problems found.
Sorry, I didn't help.

 

[Guest]

John,

Thanks for double checking for me.
Strange?
Very strange, I don't know what to say.

Obviously there is no danger involved here.
I will not delete the cookie or the the bookmarks, but if I did it would not
hurt anything. I have not used those bookmarks in quite a while, except for
the "definitions" one, and the cookies would just be recreated on my next
visit.

Anybody else have any feed back on this?

?
Tim
Geek w/o Portfolio

 

[Alan]

My Spybot S&D ran automatically at 4:00 AM this morning. It showed red
regarding information that my Windows firewall had been turned off. However,
in the explanation column, it stated that if I knew the reason for its being
turned off (Yes, I do know -- Zone Alarm turns it off.), then I should
ignore that warning message.

Alan

 

[Alan]

For those that are interested, here is the log from SpyBot that was
generated:

Microsoft.WindowsSecurityCenter.FirewallDisabled: Settings (Registry change,
nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\EnableFirewall!=dword:1

Microsoft.WindowsSecurityCenter.FirewallDisabled: Settings (Registry change,
nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\EnableFirewall!=dword:1

Common Dialogs: History (47 files) (Registry key, nothing done)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU

MS Office 9.0: Recently used files (30 files) (Directory, nothing done)
C:\Documents and Settings\alan\Application Data\Microsoft\Office\Recent\

Log: Activity: COM+.log (Backup file, nothing done)
C:\WINDOWS\COM+.log

Log: Activity: SchedLgU.Txt (Backup file, nothing done)
C:\WINDOWS\SchedLgU.Txt

Log: Activity: imsins.log (Backup file, nothing done)
C:\WINDOWS\imsins.log

Log: Activity: OEWABLog.txt (Backup file, nothing done)
C:\WINDOWS\OEWABLog.txt

Log: Activity: ntbtlog.txt (Backup file, nothing done)
C:\WINDOWS\ntbtlog.txt

Log: Install: comsetup.log (Backup file, nothing done)
C:\WINDOWS\comsetup.log

Log: Install: ocgen.log (Backup file, nothing done)
C:\WINDOWS\ocgen.log

Log: Install: setupact.log (Backup file, nothing done)
C:\WINDOWS\setupact.log

Log: Install: setupapi.log (Backup file, nothing done)
C:\WINDOWS\setupapi.log

Log: Install: setuplog.txt (Backup file, nothing done)
C:\WINDOWS\setuplog.txt

Log: Install: wmsetup.log (Backup file, nothing done)
C:\WINDOWS\wmsetup.log

Log: Install: DtcInstall.log (Backup file, nothing done)
C:\WINDOWS\DtcInstall.log

Log: Shutdown: System32\wbem\logs\mofcomp.log (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\mofcomp.log

Log: Shutdown: System32\wbem\logs\setup.log (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\setup.log

Log: Shutdown: System32\wbem\logs\wbemcore.log (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\wbemcore.log

Log: Shutdown: System32\wbem\logs\wbemess.lo_ (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\wbemess.lo_

Log: Shutdown: System32\wbem\logs\wbemess.log (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\wbemess.log

Log: Shutdown: System32\wbem\logs\wbemprox.log (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\wbemprox.log

Log: Shutdown: System32\wbem\logs\wmiadap.log (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\wmiadap.log

Log: Shutdown: System32\wbem\logs\wmiprov.log (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\wmiprov.log

Cookie: Cookie (181) (Cookie, nothing done)


Cache: Cache (958) (Cache, nothing done)


Cookie: Cookie (92) (Cookie, nothing done)



--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---

2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2007-02-07 TeaTimer.exe (1.5.0.6)
2007-04-27 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2007-04-18 advcheck.dll (1.5.1.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2007-01-02 Tools.dll (2.0.1.0)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2007-05-09 Includes\Beta.sbi (*)
2005-02-16 Includes\Beta.uti (*)
2007-05-09 Includes\Cookies.sbi (*)
2006-12-08 Includes\Dialer.sbi (*)
2007-05-09 Includes\DialerC.sbi (*)
2007-04-04 Includes\Hijackers.sbi (*)
2007-05-09 Includes\HijackersC.sbi (*)
2006-10-27 Includes\Keyloggers.sbi (*)
2007-05-09 Includes\KeyloggersC.sbi (*)
2007-03-21 Includes\Malware.sbi (*)
2007-05-09 Includes\MalwareC.sbi (*)
2007-03-21 Includes\PUPS.sbi (*)
2007-05-09 Includes\PUPSC.sbi (*)
2007-05-09 Includes\Revision.sbi (*)
2006-12-08 Includes\Security.sbi (*)
2007-05-09 Includes\SecurityC.sbi (*)
2007-03-21 Includes\Spybots.sbi (*)
2007-05-09 Includes\SpybotsC.sbi (*)
2005-02-17 Includes\Tracks.uti
2007-05-02 Includes\Trojans.sbi (*)
2007-05-09 Includes\TrojansC.sbi (*)

Alan