Spybot Fixes But Problem Returns

W

WOLF359

New member
Hi,
Spybot Throws Up-microsoft.windows.security.internet Explorer.
Hkey_users\s-1-5-21-1757981266..................reg Change.
It Lists This As A High Priority So I Get It To Fix It, But On The Next Scan It's Back, Laughing In My Face.
I Noticed That It Appears During The Scan When It Gets To 'windows Redirected Host.
I Have Also Run Windows Defender, Reg Mechanic,and Ad-aware, But None Of These Give Me The Same Results. Ad-aware Tells Me That There Are 20 Negligible Objects That Are Mru Lists.
I Am Not Sure If I Have Something Serious Or Not! Help!
 
Hello,

The key "HKEY_CURRENT_USER,"\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN" (standard value is 1 with SP2) determines the ability to perform certain actions for local websites, i.e. websites saved on harddisk.

The value is set to 0 (zero) by some malicious applications in order to deminish the security settings for the zone "local computer". (see http://msdn.microsoft.com/security/productinfo/XPSP2/securebrowsing/locallockdown.aspx for details).

There are several threads on the subject:

* Windows.Security.Internet Explorer
http://forums.spybot.info/showthread.php?t=6560
* Scan Result
http://forums.spybot.info/showthread.php?t=6749

If you want you can also tell Spybot-S&D to exclude those detections from further scans.

You can exclude a product from the search as follows:
First of all procede a scan with Spybot - Search & Destroy. Now, mark the item, you want to exclude from the search, with a left-click.
It is marked blue now. Then right-click this entry and select "exclude this product from further searches".

It is also possible to exclude it before the search. Please run Spybot - Search & Destroy in "Advanced Mode" and go to "Settings" -> "Ignore products". There you can tick the checkbox in front of the product you want to exclude from the search.

Best regards
Sandra
Team Spybot
 
SSANDRA
Thanks for your reply, but I am a little confused. Are you suggesting that I alter the reg value to 1 if it is 0? Also how do I find the malware that might be doing this? Spybot and other programs do not identify the culprit.
 
You must log in or register to reply here.
Back
Top