Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Nod32 thinks Spyware Doctor is infected


  • Please log in to reply
2 replies to this topic

#1 sidorak95

sidorak95

  • Members
  • 122 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:12 PM

Posted 08 June 2009 - 04:56 PM

Earlier, I was scanning with eset when it gave me this:
Posted Image
I checked PC Tool's website, couldn't find the answer in online support, I registered for their forum a couple days ago, and I still haven't received my activation email. So, can anyone tell if this is a false positive? Thanks.

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,740 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:12 PM

Posted 08 June 2009 - 10:30 PM

I believe Spyware Doctor is decompressing files to the temp folder at which point are detected by real-time protection (ESET). That's one of the reasons why running more scanners at one time may cause certain problems. They are searching each others malware databases. Either mark it a ignore or turn off one while the other is operating. It is a False Positive or a conflict between the applications.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,950 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:06:12 PM

Posted 09 June 2009 - 09:14 AM

In many cases when an anti-virus or anti-malware program finds malicious files, they are renamed and moved to quarantine or another designated location (by the vendor) so they are rendered harmless. However, if you are using other security scanners they may detect these files as a threat. In other cases, as boopme noted, vendor-specific definitions/signatures files may be detected as threats by other security scanners.

According to a Moderator at the PC Tools forums, .vbt files are randomly named temp files created by their program's scanner. ThreatFire (also by PC Tools) users have reported similar detections by other scanners when encountering .vbt files.

If you suspect a detection was a "false positive", then you should submit a sample to the vendor so they can investigate and take corrective action. Please refer to
How to submit virus or potential false positive samples to ESET's labs.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users