Jump to content
almodovaris

False positives (SpyBot immunization)

Recommended Posts

No, I don't use a proxy. I have ab-solution and ya-malware-block running on my router, I also have OpenDNS with custom filtering (most anonymizers blocked), HostsMan with an about 1 MB hosts file, I have MBAM Premium and F-Secure Safe Online as antivirus. Also, the default protocol on my Windows is IPv4, instead of IPv6 (I do have IPv6 connectivity, though).

Share this post


Link to post
Share on other sites

That's odd: regardless of being connected to IPVanish and/or regardless of disabling the hosts file:

- Firefox gives a blank page;

- Chrome gives a 404 error.

I also have PeerBlock (just ads and spyware lists).

Edited by almodovaris

Share this post


Link to post
Share on other sites

Ok, the important point is that you are able to reach it. I'm working on it and will share a new beta by tonight.

Share this post


Link to post
Share on other sites

Nope, what solved it is was ping adwcleaner.malwarebytes.com. Suggestion: if Adwcleaner cannot ping, it should hammer like 10 times, then proceed further.

Share this post


Link to post
Share on other sites

Adwcleaner is a little alarmist and concealing its own intentions, because it makes you see that you are infected, and it does not show you all the information in the elimination so you think it does a wonderful job, but it is the opposite for example: in the registry tree HKEY_Current_User\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
and the key is that \ 007guard.com
but the value is Dword 4 which is a value designated to redirect drowning or black hole, I got bored of cleaning with this cleaner thinking that I am always infected, but the strange thing is that I never catch virus or adware for severals reasons, I am very meticulous. that's why I researched with google and found the interpreter of those changes, and it is the "spybot" explaining all those doubts at their forums, now the problem will be to add exclusions in adwcleaner because it is very tedious to adding one by one each false positive entry, and for that I'll stop or wait of using it by the momment, it's not productive for me. it only creates discomfort and confusion.

Edited by monstertruckpa

Share this post


Link to post
Share on other sites
19 hours ago, monstertruckpa said:

Adwcleaner is a little alarmist and concealing its own intentions, because it makes you see that you are infected, and it does not show you all the information in the elimination so you think it does a wonderful job, but it is the opposite for example: in the registry tree HKEY_Current_User\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
and the key is that \ 007guard.com
but the value is Dword 4 which is a value designated to redirect drowning or black hole, I got bored of cleaning with this cleaner thinking that I am always infected, but the strange thing is that I never catch virus or adware for severals reasons, I am very meticulous. that's why I researched with google and found the interpreter of those changes, and it is the "spybot" explaining all those doubts at their forums, now the problem will be to add exclusions in adwcleaner because it is very tedious to adding one by one each false positive entry, and for that I'll stop or wait of using it by the momment, it's not productive for me. it only creates discomfort and confusion.

Please take a look at this thread.  It also explains how to exclude these entries with just a few clicks rather than one-by-one (you may exclude the entire families of detections in the highest levels of the trees for each detected category in the results).

As far as I can tell, the issue occurs because the most recent version of ADWCleaner is configured to detect these sites if they are included in the Trusted Sites list for Internet Explorer (and any other browser that honors those same settings in the registry), however it isn't categorizing them correctly because it's merely checking for the presence of those sites under the Zonemap/Domains registry keys rather than looking at the value data to confirm that it is set to 2 which means trusted versus 4 which means restricted.  The team is aware of the issue and plans to have it resolved in the next release, however I do not know when that will be.

Edited by exile360

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.