Spybot 1.4 RC2 F/P

Hi All,

Just an FYI

The latest Spybot (RC2) and using TDS latest Radius file

Code:

06:24:15 [Init] Loading Radius Advanced Scanning Systems ... <R3 Engine, DCS Labs>
06:24:24 [Init] • Radius Advanced Specialist Extensions on standby for 13 trojan families
06:24:24 [Init] • Systems Initialised [53484 references - 27446 primaries/13812 traces/12226 variants/other]
06:24:24 [Init] Radius Systems loaded. <Databases updated 29-04-2005>

Flags the Spybot blindman.exe as RAT.Delf.we2

Code:

Scan Control Dumped @ 10:37:54 29-04-05
Positive identification: RAT.Delf.we2
  File: c:\program files\spybot - search & destroy\blindman.exe

I have submitted the file to DCS thru TDS-3 internal SMTP feature

attached: screen shot of blindman's file properties

Regards,

Steve

 

They got it fixed before....and I know they'll get it fixed again

 

Hi Steve,

First of all of course: thanks !

Steve,
Have you checked it with the Radius-update of Friday 29-April-2005:
[53638 references - 27561 primaries/13851 traces/12226 variants/other]

I noticed that those are newer TDS-definitions than you posted

Sorry, at the moment I have not yet installed that Spybot 1.4 RC2.

Warm regards, Jan.

 

No unfortunately the radius file I was using was from the day before, which I had updated ealy this morning my time (EST). And when you use a proxy for updates, the current date is loaded regardless of the actually radius file date. I will update and rescan when I return home, I'm @ work ATM. ~Shhh don't tell the boss~

 

Hi Steve,

Yep, I can confirm your alert

I did (as quick as possible) a new installation of Spybot 1.4 RC2 on my W98SE system.
The MD5 checksum of the installation file:
The file <D:\SpyBotSD\Version 1_4 RC2\spybotsd14rc2.exe> has the following Checksum(s)
MD5 - B84ECFF06476E0FD975A6AE54A273963

The MD5 checksum of blindman.exe:
The file <C:\Program Files\Spybot - Search & Destroy\blindman.exe> has the following Checksum(s)
MD5 - B6F987EF44A780E1CBB3C277810F7FC1

My TDS-3 definitions:
[53638 references - 27561 primaries/13851 traces/12226 variants/other]

And the scandump with respect to that Spybot S&D file:
Scan Control Dumped @ 02:44:18 30-04-05
Positive identification: RAT.Delf.we2
File: c:\program files\spybot - search & destroy\blindman.exe

======

Well, as Bubba already also mentioned :
I am sure that Gavin will have a look at it after the weekend, and will fix it

Cheers, Jan.

 

OK I just got Home

Yes indeed with today's radius update it is detected:

And just to confirm, I have the same checksums

******

No doubt about it Never any worries from me.

Thanks and Have a Great Weekend Jan,

Steve

Ps. Thanks too Bubba, I wouldn't have searched the forum for possible past issues, as I had no doubt it was a F/P (even though it's a rarity for DCS). Thanks kindly for the added info.

 

Update: Received a reply this morning (430am EST) from DCS regarding the file submission - prompt and courtesies as usual - issue solved as of today's radius update -

Regards;

Steve