Results 1 to 3 of 3

Thread: Microsoft.Windows.Security.InternetExplorer

  1. #1
    Junior Member
    Join Date
    Oct 2007
    Posts
    5

    Default Microsoft.Windows.Security.InternetExplorer

    I have received this warning about Microsoft.Windows.Security.InternetExplorer for the first time. Is this a false positive? The Security Center is referenced because I use Norton firewall and not Windows.

    Cram Toolbar: [SBI $6B03824D] Class ID (Registry key, nothing done)
    HKEY_CLASSES_ROOT\CLSID\{01E69986-A054-4C52-ABE8-EF63DF1C5211}

    Microsoft.Windows.Security.InternetExplorer: [SBI $A3433CBF] Settings (Registry change, nothing done)
    HKEY_USERS\S-1-5-21-583907252-920026266-839522115-1003\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\iexplore.exe

    Microsoft.WindowsSecurityCenter_disabled: [SBI $2E20C9A9] Settings (Registry change, nothing done)
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc\Start

    Kuasio.Ka: [SBI $4DE35253] Type library (Registry key, nothing done)
    HKEY_CLASSES_ROOT\TypeLib\{77AA25E8-6083-4949-A831-9CB11861DC10}

    Kuasio.Ka: [SBI $1601367A] Root class (Registry key, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook

    Kuasio.Ka: [SBI $1601367A] Class ID (Registry key, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}

    Kuasio.Ka: [SBI $4194BF29] Root class (Registry key, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1


    --- Spybot - Search & Destroy version: 1.5 (build: 20070830) ---

    2007-08-31 blindman.exe (1.0.0.6)
    2007-08-31 SDMain.exe (1.0.0.4)
    2007-08-31 SDUpdate.exe (1.0.6.4)
    2007-08-31 SDWinSec.exe (1.0.0.8)
    2007-08-31 SpybotSD.exe (1.5.1.15)
    2007-08-31 TeaTimer.exe (1.5.0.9)
    2007-09-20 unins000.exe (51.46.0.0)
    2007-08-31 Update.exe (1.4.0.5)
    2007-08-31 advcheck.dll (1.5.3.0)
    2007-04-02 aports.dll (2.1.0.0)
    2007-04-02 DelZip179.dll (1.79.5.3)
    2007-08-31 SDHelper.dll (1.5.0.8)
    2007-08-31 Tools.dll (2.1.2.0)
    2007-09-26 Includes\Cookies.sbi (*)
    2007-07-25 Includes\Dialer.sbi (*)
    2007-09-26 Includes\DialerC.sbi (*)
    2007-08-29 Includes\Hijackers.sbi (*)
    2007-09-26 Includes\HijackersC.sbi (*)
    2007-07-25 Includes\Keyloggers.sbi (*)
    2007-09-26 Includes\KeyloggersC.sbi (*)
    2004-11-29 Includes\LSP.sbi (*)
    2007-09-12 Includes\Malware.sbi (*)
    2007-09-26 Includes\MalwareC.sbi (*)
    2007-09-05 Includes\PUPS.sbi (*)
    2007-09-26 Includes\PUPSC.sbi (*)
    2007-09-26 Includes\Revision.sbi (*)
    2007-05-30 Includes\Security.sbi (*)
    2007-09-26 Includes\SecurityC.sbi (*)
    2007-09-12 Includes\Spybots.sbi (*)
    2007-09-26 Includes\SpybotsC.sbi (*)
    2007-08-21 Includes\Tracks.uti
    2007-09-12 Includes\Trojans.sbi (*)
    2007-09-26 Includes\TrojansC.sbi (*)
    2008-12-24 Plugins\TCPIPAddress.dll

  2. #2
    Senior Member
    Join Date
    Oct 2005
    Location
    Germany
    Posts
    5,263

    Default

    Hello,

    Spybot - Search & Destroy is detecting Windows Security Center associated with Microsoft Security Center Registry changes. This is neither a false positive nor a bug. It is just an information.
    Spybot-S&D only wants to bring to your attention that "someone" disabled one or more notifications in the Windows Security Center, e.g. the notifications that your virus protection is not active or not up-to-date. If you changed the settings yourself you can safely tell Spybot-S&D to exclude those detections from further scans.
    In order to do so please right-click each in turn, then click "exclude this detection from future scans". That way, should any other part of security center settings change, Spybot-S&D will still detect those.
    The same is true if you have another security solution installed (like McAfee Security Center or Norton Internet Security). These programs do also disable the Windows Security Center in order to take care of things themselves.
    The reason why the changes are flagged by Spybot-S&D is that there are also malware programs that disable the notifications so the user doesn't take note of his security tools not being effective.

    Some more information is also available in our forum:
    http://forums.spybot.info/showthread.php?t=87

    Best regards
    Sandra
    Team Spybot

  3. #3
    Spybot Advisor Team [Retired] md usa spybot fan's Avatar
    Join Date
    Oct 2005
    Posts
    5,859

    Default

    re:
    Code:
    Microsoft.Windows.Security.InternetExplorer: [SBI $A3433CBF] Settings (Registry change, nothing done)
    HKEY_USERS\S-1-5-21-583907252-920026266-839522115-1003\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\iexplore.exe
    Please see my response to a similar query in the following thread:

    Getting an answer is one thing, learning is another.


    Microsoft Windows XP Home Edition running on a 2.40GHz IntelŪ PentiumŪ 4 Processor with 512 MB of RAM and a 533 MHz System Bus.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •