Hi All, Just an FYI The latest Spybot (RC2) and using TDS latest Radius file Code: 06:24:15 [Init] Loading Radius Advanced Scanning Systems ... <R3 Engine, DCS Labs> 06:24:24 [Init] • Radius Advanced Specialist Extensions on standby for 13 trojan families 06:24:24 [Init] • Systems Initialised [53484 references - 27446 primaries/13812 traces/12226 variants/other] 06:24:24 [Init] Radius Systems loaded. <Databases updated 29-04-2005> Flags the Spybot blindman.exe as RAT.Delf.we2 Code: Scan Control Dumped @ 10:37:54 29-04-05 Positive identification: RAT.Delf.we2 File: c:\program files\spybot - search & destroy\blindman.exe I have submitted the file to DCS thru TDS-3 internal SMTP feature attached: screen shot of blindman's file properties Regards, Steve
Hi Steve, First of all of course: thanks ! Steve, Have you checked it with the Radius-update of Friday 29-April-2005: [53638 references - 27561 primaries/13851 traces/12226 variants/other] I noticed that those are newer TDS-definitions than you posted Sorry, at the moment I have not yet installed that Spybot 1.4 RC2. Warm regards, Jan.
No unfortunately the radius file I was using was from the day before, which I had updated ealy this morning my time (EST). And when you use a proxy for updates, the current date is loaded regardless of the actually radius file date. I will update and rescan when I return home, I'm @ work ATM. ~Shhh don't tell the boss~
Hi Steve, Yep, I can confirm your alert I did (as quick as possible) a new installation of Spybot 1.4 RC2 on my W98SE system. The MD5 checksum of the installation file: The file <D:\SpyBotSD\Version 1_4 RC2\spybotsd14rc2.exe> has the following Checksum(s) MD5 - B84ECFF06476E0FD975A6AE54A273963 The MD5 checksum of blindman.exe: The file <C:\Program Files\Spybot - Search & Destroy\blindman.exe> has the following Checksum(s) MD5 - B6F987EF44A780E1CBB3C277810F7FC1 My TDS-3 definitions: [53638 references - 27561 primaries/13851 traces/12226 variants/other] And the scandump with respect to that Spybot S&D file: Scan Control Dumped @ 02:44:18 30-04-05 Positive identification: RAT.Delf.we2 File: c:\program files\spybot - search & destroy\blindman.exe ====== Well, as Bubba already also mentioned : I am sure that Gavin will have a look at it after the weekend, and will fix it Cheers, Jan.
OK I just got Home Yes indeed with today's radius update it is detected: And just to confirm, I have the same checksums ****** No doubt about it Never any worries from me. Thanks and Have a Great Weekend Jan, Steve Ps. Thanks too Bubba, I wouldn't have searched the forum for possible past issues, as I had no doubt it was a F/P (even though it's a rarity for DCS). Thanks kindly for the added info.
Update: Received a reply this morning (430am EST) from DCS regarding the file submission - prompt and courtesies as usual - issue solved as of today's radius update - Regards; Steve