NS Keylogger in SpywareBlaster

  • Thread starter Thread starter Martin
  • Start date Start date
M

Martin

Nothing detected by MS Anti Spyware for several days,
then the setup/uninstall file "unins000.exe" from
Javacool's SpywareBlaster is identified as infected
with "NS Keylogger Personsal Monitor" (their spelling,
not mine!) File quarantined, and then SpywareBlaster re-
installed - same infection report running the scan (but
ignored this time). SpywareBlaster has been running much
longer than MS Anti Spyware on this machine, with no
apparent problems. Any suggestions?
 
Yes. This is a false positive in definiton version 5709.

5711 is available now. Do a File, Check for updates, and you should be fine
on the next scan.
 
Martin,
Please hold off from anything more drastic than Quarantine with this one. It
seems something has gone a little awry with the defs #5709 and/or #5711
which came out today.

Stay tuned for more info as it becomes available, as it seems to be a false
positive.

Ron Chamberlin
MS-MVP
 
Thanks - have run and installed the 5711 update, (and
definitions have been further updated since) but this is
still showing up on scans. I've set it to be ignored
because I'm sure you're right that this is a false
positive (otherwise why was it not picked up before...)
but I wonder how long the error will last?
 
In every case I've been able to verify so far, the appearance you are seeing
(5711 (apparently) definitions, but still seeing the false
positive)--indicates that the 5711 definitions haven't been fully installed.

You can verify which definition files are actually on your machine using the
information in this KB article:

http://support.microsoft.com/default.aspx?scid=kb;en-us;892519

I am not sure this is updated to 5711 yet, but see if either of your files
looks like 5709.

I've successfully cleared up a situation where the updates weren't correctly
completing by simply renaming or deleting the current definition
files--using that article as a guide to give the names and location
(typically c:\program files\microsoft antispyware) Then try doing File,
Check for updates again.
 
Back
Top