View Full Version : Should I Be Concerned About This?
For several days, now, since I downloaded updates for SS&D, I now get a Desktop.Explorer as a security risk. Well, when I click to remove it, SS&D does it just fine. But when I turn off and restart my computer, it comes back.
I'm really worried, because I've read that it can be used to look at a person's files and folders, remotely.
I've been wanting to do some online banking, but I'm afraid to sign up for it, for fear of my records being obtained. Also, I want to purchase something online too, but I don't want someone being able to get hold of my CC number via Desktop.Explorer.
What do I do? Is this really spyware? If so, how can I remove it permanently? Please forgive me, but I hope you'll reply in Kindergarten terms. Anything above that level, with regard to computer-talk can sound like Greek. :confused:
I would sincerely appreciate it if anyone can help.
Since the Detections Update from July 25, 2005, Spybot - Search & Destroy 1.4 has been detecting Security Risks (renamed to "Windows Security Center" on July 30) associated with Microsoft Security Center Registry changes. This is neither a false positive nor a bug. It is just an information.
Spybot-S&D only wants to bring to your attention that "someone" disabled one or more notifications in the Windows Security Center, e.g. the notifications that your virus protection is not active or not up-to-date. If you changed the settings yourself you can safely tell Spybot-S&D to exclude those detections from further scans.
In order to do so please right-click each in turn, then click "exclude this detection from future scans". That way, should any other part of security center settings change, Spybot-S&D will still detect those.
The same is true if you have another security solution installed (like McAfee Security Center or Norton Internet Security). These programs do also disable the Windows Security Center in order to take care of things themselves.
The reason why the changes are flagged by Spybot-S&D is that there are also malware programs that disable the notifications so the user doesn't take note of his security tools not being effective.
Some more information is also available in our forum:
md usa spybot fan
Please post the actual detection for Desktop.Explorer that you received. The actual detection can be found in the Checks.yymmdd-hhmm.log file produced during the scan.
Note: By default here are two Checks.yymmdd-hhmm logs produced during a scan. The second Checks.yymmdd-hhmm has the details of what the scan found. A Fixes.yymmdd-hhmm log is produced if you fix or attempt to fix something.
Two methods to copy that information:
Go into Spybot > Mode > Advanced mode > Tools > View Reports > View Pervious reports. Look for the last Checks.yymmdd-hhmm or Fixes.yymmdd-hhmm from when you got the error message. Open it. To copy to the Clipboard > highlight the portion you want to copy (or Right click and select Select All) > Right click > Copy.
The Checks.yymmdd-hhmm and Fixes.yymmdd-hhmm files are stored in the following folders:
Windows 95 or 98:
C:\Windows\Application Data\Spybot - Search & Destroy\Logs
C:\Windows\All Users\Application Data\Spybot - Search & Destroy\Logs
Windows NT, 2000 or XP:
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs
Using Windows Explorer, navigate to the correct Checks.yymmdd-hhmm file. Double click on it and it should open with Notepad. To copy to the Clipboard > highlight the portion you want to copy (or Right click and select Select All) > Right click > Copy.