|
Spybot Search and Destroy Finds smoething to do with IE in the registry.
|
|
Senior Member
|
18. November 2006 @ 12:29 |
Link to this message
|
Can someone please explain to me what this is?
Hello, I am hopeing someone can help me explain what the screenshot below is showing.
Well recently I ran a Spybot S&D scan and it found some stuff I fixed all, but today I decided to check the recover section and I found this (Screenshot below) area in question circled in red.
It is something to do with the registry (I think) and Internet Explorer.
What is getting to me is the part where it says 'System Lock'
Incase you cant make out the text here is what it says(writing below in red):
Microsoft.Windows.Security.InternetExplorer
Settings
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\iexplore.ex...
Thank You!
"He who asks is a fool for five minutes, but he who does not ask remains a fool forever." - Chinese Proverb BluRay.
This message has been edited since posting. Last time this message was edited on 18. November 2006 @ 14:02
|
|
Advertisement
|
|
|
|
Senior Member
|
18. November 2006 @ 13:38 |
Link to this message
|
Edited: I was looking at what you typed when searching and replying 'iexplorer.exe'. But Spybot found 'iexplore.exe' with no 'r'. If it did have an 'r' at the end it would be spyware.
I looked in my registry and found the exact same entry. Don't think it's anything to worry about. Although, I'm not 100% sure what it is. Thought I had something going until I was looking over my reply then noticed the missing 'r'. :)
Edit 2: When you fixed the entry with Spybot was the text red or dark green?
This message has been edited since posting. Last time this message was edited on 18. November 2006 @ 13:46
|
Senior Member
|
18. November 2006 @ 14:02 |
Link to this message
|
It was red, the entry.
So what do I do? Should I put this back into the registry?
And why did Spybot S&D think this was spyware? and what caused it to come up?
And should I put it back into the registry?
By The Way it had no r I put the r there (in the red writing) assuming there would be one, but I edited out now.
Thanks You.
BluRay.
"He who asks is a fool for five minutes, but he who does not ask remains a fool forever." - Chinese Proverb BluRay.
This message has been edited since posting. Last time this message was edited on 18. November 2006 @ 14:12
|
Senior Member
|
18. November 2006 @ 14:15 |
Link to this message
|
Hmm, that's odd if it was listed in red. It is very rare for Spybot to find false positives because it doesn't rely on any heuristics, but it does happen.
I'm going to scan with Spybot and see if it will flag mine. I'll let you know.
|
Senior Member
|
18. November 2006 @ 14:38 |
Link to this message
|
Okay, mine wasn't flagged in either red or green so I think Spybot is seeing something we can't. Look in your registry for that key. Is it there? If it is, then Spybot is not wrong by marking it in red. If it isn't there, I'd leave it out of the registry unless you start having problems with IE.
|
Senior Member
|
19. November 2006 @ 10:02 |
Link to this message
|
I dont use IE so I wont know if I am haveing problems.
I cant remember when I removed this but I only realised after looking in the recover section of Spybot Search and Destroy and it seemed strange.
So will it be in the registry if I have already removed it using Spybot search and destroy?
BTW I would also like to know why it was in the registry in the first place? And if it is supposed to be there.
Thank You
"He who asks is a fool for five minutes, but he who does not ask remains a fool forever." - Chinese Proverb BluRay.
This message has been edited since posting. Last time this message was edited on 19. November 2006 @ 10:07
|
Senior Member
|
19. November 2006 @ 10:35 |
Link to this message
|
Quote:
So will it be in the registry if I have already removed it using Spybot search and destroy?
No. Unless there were multiple entires.
Quote:
I would also like to know why it was in the registry in the first place? And if it is supposed to be there.
Well, if it was the legit entry, yes, it is supposed to be there. Can't be sure if it was legit or a bad entry posing as legit since Spybot flagged it red.
Use IE for a while and see if everything is running ok. If so, leave it out of the registry, but do not delete the backup made by Spybot.
You could even try replacing the entry, updating Spybot and scanning again. If it flags it twice, then you will know it is bad and then you should remove it. If it isn't picked up twice, leave it alone.
|
Senior Member
|
20. November 2006 @ 11:17 |
Link to this message
|
|
Thank You I will give it a go, and I will tell you what happens.
"He who asks is a fool for five minutes, but he who does not ask remains a fool forever." - Chinese Proverb BluRay.
|
|
Advertisement
|
|
|
Senior Member
|
20. November 2006 @ 13:10 |
Link to this message
|
By The Way, I found out now why it was there and what it was.
The change was made in the registry because I had to go a week or two without Zone Alarm (my firewall) and I did not want to use Windows firewall either, but I kept on getting that retarded pop up message in the task pane telling me "computer at risk firewall turned off click here to fix this problem" so I clicked on it and instead of turning windows firewall on, which I did not want, I just checked that little box saying "I have my own firewall solution" or something close to that.
And I noticed that when ever I did that, and I ran a Spybot scan I would find that the modified registry key would come up as a problem.
Below is a screenshot of what Spybot found when I turned automatic updates off, completely off, and then told it not to notify me about it being off.
"He who asks is a fool for five minutes, but he who does not ask remains a fool forever." - Chinese Proverb BluRay.
|
