PDA

View Full Version : Microsoft.Windows.AppFirewallBypass



pgroot
2007-06-13, 20:04
Microsoft.Windows.AppFirewallBypass: Settings (Registry value, nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\C:\WINDOWS\system32\usmt\migwiz.exe

Microsoft.Windows.AppFirewallBypass: Settings (Registry value, nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\C:\WINDOWS\system32\usmt\migwiz.exe

The registry entries are both:
C:\WINDOWS\system32\usmt\migwiz.exe:*:Disabled:Files and Settings Transfer Wizard

So not only is this a known Microsoft application, it is disabled.
I'm not sure why it is disabled. But this detection appears to be a false positive in 2007-06-13 Includes\Beta.sbi (*)

spy1
2007-06-17, 18:49
Yes, I got the same thing you did, but I let SBS&D go ahead and remove it with no ill effects that I could tell.

I figured that if it was off anyway, there wasn't any need for it to be there, period. Pete

Yodama
2007-06-18, 10:11
hi,

normally you do not want your windows migration to be accessing incoming communication through the firewall unless you really do a migration.

So this should only be allowed if there is need to and disabled otherwise, since there are trojan horses which override the original file and act as servers under the unsuspicious name of the migwiz.exe.

greenhatch
2007-06-20, 14:37
Excuse my slowness, but does this mean we should remove the two entries ticked by the Search & Destroy, or is it a false positive to be corrected in the next update?

Yodama
2007-06-20, 14:51
This is not considered a false positive, though fixing it may be inconvenient if you mirgrate your windows over the network very often ;)
If you let spybot fix this, the Windows Firewall will ask if you want to block migwiz.exe or not, usually it is no when you want to migrate over the network.

So the impact on the workflow is relatively small if you let Spybot fix this, while it gives you more security against a fake migwiz.exe that receives commands through the opened Windows Firewall.

ky331
2007-06-20, 16:35
How about these two?


Microsoft.Windows.IEFirewallBypass: Settings (Registry value, nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\C:\WINDOWS\Program Files\Internet Explorer\IEXPLORE.EXE

Microsoft.Windows.IEFirewallBypass: Settings (Registry value, nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\C:\WINDOWS\Program Files\Internet Explorer\IEXPLORE.EXE

nowellp
2007-06-21, 01:43
I am in the same boat. Could you please tell me how I should handle these two detections; I'm obviously not a tech so please explain in relatively easy terms. I do not know what migrations are, have mcafee firewall and xp sp2.
Thank you

Yodama
2007-06-21, 08:20
@ky331

the Internet Explorer does not need to get authorized for the Windows Firewall for internet surfing. The Windows Firewall only works one way, it does not block requests made from the host computer, it can only block access from outside.
There may be some special purpose where it may be required to have the Internet Explorer authorized for the Windows Firewall, which would basically make the Internet Explorer accept incoming transmissions like a server would.


@nowellp
Windows migration is used to transfer files, folders and settings from one computer to another. This is not bound to hardware and is usually used when the computer hardware is upgraded/exchanged.

greenhatch
2007-06-21, 10:03
Yodama:

Microsoft.Windows.IEFirewallBypass: Settings (Registry value, nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\C:\WINDOWS\Program Files\Internet Explorer\IEXPLORE.EXE

Microsoft.Windows.IEFirewallBypass: Settings (Registry value, nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\C:\WINDOWS\Program Files\Internet Explorer\IEXPLORE.EXE

Sorry to be a bit dense, but if these two entries appear as detected items, do we (a) tick to delete or (b) are they false positives to be countered by a Spybot later update?

(a) or (b) please?

joe53
2007-06-21, 10:35
Yodama:

Like ky331 and greenhatch, I don't know what to do with these 2 Microsoft.Windows.IEFirewallBypass registry detections. Spybot offers me no option to ignore or exclude them in future searches, so I do nothing.

I suspect they are related to the fact that I have disabled Windows firewall, and am using a third-party firewall (in my case, Comodo).

Yodama
2007-06-21, 10:35
It is not a false positives unless you want your Internet Explorer to accept incoming requests. The normal use for the IE is to sent request not to accept them, meaning that it is acting as a client not a server.
In some cases however it may be required for the IE to accept incoming requests, for instance if you make an online scan. But the IE should only be able to accept requests for such special purposes, after that you should unauthorize the IE for the Windows Firewall , so that you are aware if a website tries to make requests to your browser.
If you scan online often you may want to set
Microsoft.Windows.IEFirewallBypass
to the ignored products list. You can also configure the Windows Firewall to ask again and not authorize permanently.

Alan D
2007-06-21, 11:03
I'm getting this alert too (but only after today's update), but even after reading the above posts I don't understand what it means, nor what to do about it.

1. I don't use the Windows firewall. It's switched off. I use the AVG firewall.
2. Internet Explorer is not selected as an exception in Windows Firewall.

Could someone please explain clearly why we are getting this alert (even when Windows firewall is off, and IE is NOT a selected exception) and explain precisely what action we should take about this alert?

greenhatch
2007-06-21, 11:28
Yodama:
Sorry I don't know if it's a matter of English or how I'm expressing myself. Please indicate your recommendation: (a) or (b) please. I just surf the net, I don't do anything special or clever.

Yodama
2007-06-21, 11:29
@Alan D

Spybot looks for what has been entered into the list of authorised applications, it does not matter if the entry is disabled or enabled, even if the Windows Firewall is deactivated.

Fixing this will remove the IE from the list of authorized applications for the Windows Firewall only, it will have no effet on the AVG Firewall.

And it will have no effect on the normal internet browsing with the IE.

jerome1951
2007-06-21, 11:57
Hello, I am just new on this forum and, more, I am french, so sorry for my poor english...
As others, I have this dection since yesterday update:
Microsoft.Windows.IEFirewallBypass: Réglages (Valeur du registre, nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\C:\Program Files\Internet Explorer\IEXPLORE.EXE

Microsoft.Windows.IEFirewallBypass: Réglages (Valeur du registre, nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\C:\Program Files\Internet Explorer\IEXPLORE.EXE

I read the different posts and have understood the problem, I think.
But my question is:
1. Is it necessary to fix it? A security necessity? (I use McAfee fire wall)
2. Or just exclude it of next scans by right-click?
Thank you and regards.

Yodama
2007-06-21, 12:04
Hello jerome1951,

if you have a personal firewall like the McAfee or AVG firewall running, there is no necessity in terms of security to have Spybot fix this. Your personal firewall already watches over incoming and outgoing connections, and there no need to use the Windows Firewall and another personal firewall.

This is only of concern if only the Windows Firewall is being used.

Alan D
2007-06-21, 12:04
Thanks Yodama, I'm starting to understand a bit more now what's going on.

1. Are we getting this alert (which has never appeared before) ...
(a) because something has changed in our computers? or
(b) because this is a new detection only recently added to Spybot' database?

2. If I were to delete the Internet Explorer exception entry in the Windows firewall configuration, rather than merely untick it as at present, would that do basically the same job as letting Spybot fix the 'issue'?

Alan D
2007-06-21, 12:07
if you have a personal firewall like the McAfee or AVG firewall running, there is no necessity in terms of security to have Spybot fix this.

Ah!!! This is really important information! Thank you.

jerome1951
2007-06-21, 12:13
Thank you Yodama for your quick answer.
So, according to you, can I exclude the detection of next scans by right-click to recover serenity and a clean scan?
It seems to be more an INFORMATION than an INFECTION, am I right? More or less the same thing that "Windows Security Center"?
Regards.

greenhatch
2007-06-21, 12:16
Still not understanding Yodama's remarks, I've just added the two entries to the 'ignore single entries'.

Yodama
2007-06-21, 15:41
@jerome1951
yes you are right it is actually a security information, acutally an information with an advice ;)

@greenhatch
Please fix the entries and if you are using the Windows Firewall configure your Windows Firewall to ask you wether to block application in future or not.

Judesman
2007-06-21, 16:40
I have been following this thread and this is the alert that I am getting:

Microsoft.Windows.IEFirewallBypass:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\C:\Program Files\Internet Explorer\IEXPLORE.EXE

Microsoft.Windows.IEFirewallBypass:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\C:\Program Files\Internet Explorer\IEXPLORE.EXE

It seems to me that we are receiving this alert because of the recent update, but I do not understand what it is saying. In spite of everything that has been posted here I wonder if someone could explain in simple language exactly what this alert means. Your help would be appreciated.

pgroot
2007-06-21, 17:56
It is not a new infection, it is a new detection that was in beta detections last week and is now under security. Perhaps it would be best described as a vulnerability if something is allowed to bypass the firewall. If it is Microsoft (migwiz.exe and iexplore.exe) it won't cause harm unless malicious code is substituted for the privileged executable, and Windows Firewall is your only firewall.

Alan D
2007-06-21, 18:06
I wonder if someone could explain in simple language exactly what this alert means.

This may be a case of the blind leading the blind, but here's my understanding of the situation:

1. This is a new detection, only added to the Spybot database in the last update (see here, under 'Security': http://forums.spybot.info/showthread.php?p=96665#post96665). That's why we haven't seen these alerts before.

2. The Windows firewall can be configured to 'authorize' certain programs to receive incoming requests from 'out there'. Usually there is no good reason why Internet Explorer should be one of these 'authorised' programs, and yet it apparently is, on many of our systems.

3. If Windows firewall is your only firewall, then this setting is a security risk. Spybot is offering to fix it by removing the authorization. It seems that in this case the correct action is to allow Spybot to fix it.

4. If your Windows firewall is disabled (because you're using another firewall instead) then it doesn't matter whether you let Spybot fix this or not, because you're not at risk.

I hope this is correct. If there's a mistake somewhere, please correct it, someone.

robinb9
2007-06-21, 22:19
I have 5 computers running spybot S&D 1.4 on xp

2 have avg pro with firewall and xp pro sp2
Both of these when doing the scan after the update did not show the vulnerability and in Windows Firewall they are NOT in the exceptions list.

1 is running xp home sp2 and Zone Alarm Free and after the update and scan it did show the vulnerability and in Windows Firewall IE Explorer is checked.
On that one I allowed the fix in Spybot and noticed when doing so the IE Explorer disappeared out of the exception list.

I have one notebook computer, xp pro sp2 running Windows Firewall only and yes IE explorer is in and checked in Windows Firewall exception list. I ran the scan in spybot and it also came up with the vulnerability. Before i ran the scan I went into the firewall and unchecked IE Explorer to see what would happen- then ran the scan. As said it still showed the vulnerability.

I allowed spybot to fix it. I checked to make sure i am still on the network and I am. I cannot find where you ask Windows Firewall to ask you for that specific file if i find I need to run any online scans so please tell me where this is besides IE Explorer is no longer in the list of exceptions so now what?

I have another xp pro computer on the network but it is in use right now and i cannot run the scan on it as of yet. Before i do I would like to understand how to configure the Windows Firewall to ask again for IE and not authorize permanently.

Also if one is NOT on a network and only running Windows Firewall I am safely to assume you can allow spybot to fix? and if on a network I am also safely to assume this should not effect the network if I allow it to fix too? correct?

thanks
Robin

Judesman
2007-06-21, 23:39
Thank you all for your input.

As I understand it, as I have NAV as a firewall I can ignore this alert. If I relied on Windows, and the exception box for IE is not checked then the alert would not appear. If the exception box is checked then the alert would appear and the fix in Spybot would remove the check.

I hope that is right.

Alan D
2007-06-21, 23:45
I allowed spybot to fix it. I checked to make sure i am still on the network and I am. I cannot find where you ask Windows Firewall to ask you for that specific file if i find I need to run any online scans so please tell me where this is besides IE Explorer is no longer in the list of exceptions so now what?

So as I understand it, Spybot will 'detect' this vulnerability if IE is a listed exception in the Windows firewall configuration - whether or not the Windows firewall is disabled, and regardless of whether IE is selected in the Windows firewall authorisation list.

Which brings me to a question I asked earlier: If IE is in the Windows firewall configuration list, there are three options: tick the box; don't tick the box; or remove the entry altogether. The first two options don't affect the Spybot detection. It seems from what Robin says that the Spybot 'fix' effectively removes IE from the list. So I presume that an alternative to the Spybot fix is to manually remove IE from the list?

But if we do - what happens (as Robin says) if we need to put it back in at some future time?

Alan D
2007-06-21, 23:57
Thank you all for your input.

As I understand it, as I have NAV as a firewall I can ignore this alert.
Yes.


If I relied on Windows, and the exception box for IE is not checked then the alert would not appear. If the exception box is checked then the alert would appear and the fix in Spybot would remove the check.

Not quite. If IE is in the list, then the alert will appear whether the box is ticked or not (I can't see why, but that does seem to be the case). The only way to stop the alert is to either remove IE from the list completely yourself, or to let Spybot do it for you. But in your case this is merely an academic point. It simply doesn't matter.

Judesman
2007-06-22, 13:07
Thanks Alan D. Having read the other thread that is now running I still find this a little confusing.

Alan D
2007-06-22, 15:03
Thanks Alan D. Having read the other thread that is now running I still find this a little confusing.

I'm not surprised. Trying to pin this down is like trying to catch the soap in the bath. I'm beginning to suspect that Spybot has got us all chasing our tails!!

tonyb103
2007-06-23, 11:58
I have 5 computers running spybot S&D 1.4 on xp

I have one notebook computer, xp pro sp2 running Windows Firewall only and yes IE explorer is in and checked in Windows Firewall exception list. I ran the scan in spybot and it also came up with the vulnerability. Before i ran the scan I went into the firewall and unchecked IE Explorer to see what would happen- then ran the scan. As said it still showed the vulnerability.

I allowed spybot to fix it. I checked to make sure i am still on the network and I am. I cannot find where you ask Windows Firewall to ask you for that specific file if i find I need to run any online scans so please tell me where this is besides IE Explorer is no longer in the list of exceptions so now what?

I have another xp pro computer on the network but it is in use right now and i cannot run the scan on it as of yet. Before i do I would like to understand how to configure the Windows Firewall to ask again for IE and not authorize permanently.

Also if one is NOT on a network and only running Windows Firewall I am safely to assume you can allow spybot to fix? and if on a network I am also safely to assume this should not effect the network if I allow it to fix too? correct?

thanks
Robin

Robin,

My first recommendation to you is to stop using Windows Firewall on the one notebook computer as it is pretty much garbage and not worth much in the way of protection. The AVG Pro and Zone Alarm are both good firewalls. I would put Zone Alarm on the notebook and stick with it, then let Spybot S & D fix the issue, then you don't have to worry about it. If you have a computer that is not on a network, but does access the internet, you still want to fix it if it is your only firewall. It will not effect how your network operates. The only thing this fixes is stopping inbound requests that you DID NOT initiate. Let Spybot fix it, then let your other firewall protect you. You're much better off that way. Hope this helps, if not, post again and I'll try to explain a bit better.

Tony

nowellp
2007-06-23, 16:10
I remember an issue similiar to this sometime ago.
Your answer was clear which non techs like myself appreciate.
Thank you

owlscreech
2007-06-30, 15:14
Got the same two IE Firewall Bypass detections -- no clear yes or no answer from the mods yet as to what to do about it. I use AVG security suite, not Windows Firewall, so went ahead and let the trusted Spybot fix what it found.

Spybot user since ~2001, thanx for this great security product and maintenance work. (yes, i donated :) )


---
Microsoft.Windows.IEFirewallBypass: Settings (Registry value, nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\C:\Program Files\Internet Explorer\IEXPLORE.EXE

Microsoft.Windows.IEFirewallBypass: Settings (Registry value, nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\C:\Program Files\Internet Explorer\IEXPLORE.EXE


--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---

DMFerra
2007-07-02, 17:18
Hi,

I am not at all saavy about any of this.

I just did a SBS&D and it gave me the following result:

Microsoft.Windows.IEFirewallBypass: Settings (Registry value, fixed)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\C:\Program Files\Internet Explorer\IEXPLORE.EXE

Microsoft.Windows.IEFirewallBypass: Settings (Registry value, fixed)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\C:\Program Files\Internet Explorer\IEXPLORE.EXE

Help! What does this mean? I told SBS&D to fix it, since I assume that the program is suggesting to me that there is a problem that could compromise the security of my computer.

Can someone explain to me if I did the right thing, and what this means?

Thank you so much for your patience and assistance.

Yodama
2007-07-02, 17:25
hi,

these :
Microsoft.Windows.IEFirewallBypass: Settings (Registry value, fixed)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\C:\Program Files\Internet Explorer\IEXPLORE.EXE

Microsoft.Windows.IEFirewallBypass: Settings (Registry value, fixed)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\C:\Program Files\Internet Explorer\IEXPLORE.EXE

are only of concern if you use the Windows firewall, all other firewalls are not affected by this.

Normally the Internet Explorer does not need to be authorized for the Windows firewall. It is only required for special purposes, like online virus scanners. If you just surf normally, you should let Spybot fix this, since it can be a security issue with malicious/hacked websites.

DMFerra
2007-07-02, 18:36
Great, thank you so much.

Alan D
2007-07-02, 22:05
Normally the Internet Explorer does not need to be authorized for the Windows firewall. It is only required for special purposes, like online virus scanners.

One of the things that has baffled many of us who have been alerted to this by Spybot is that we don't have any idea how IE came to be included in our Windows firewall exceptions list (we don't believe malware has been responsible). I wonder if here you might have given us an answer? Certainly in the past I have used several online scanners at a time when I was only using the Windows firewall - is this a possible explanation as to how this exception got into the list? If the online scanner requested access, and the Windows firewall asked for permission and we gave it, and if we then forgot that incident afterwards (very likely), the result would be the mysterious entry that we now see. Does this make sense?

Yodama
2007-07-03, 09:33
Certainly in the past I have used several online scanners at a time when I was only using the Windows firewall - is this a possible explanation as to how this exception got into the list? If the online scanner requested access, and the Windows firewall asked for permission and we gave it, and if we then forgot that incident afterwards (very likely), the result would be the mysterious entry that we now see. Does this make sense?

hello,

yes this makes sense and is the most likely explanation. I hope you have not been too confused by this. The description will also be updated with the next update.

whitneymuse
2007-07-13, 07:37
hello,

yes this makes sense and is the most likely explanation. I hope you have not been too confused by this. The description will also be updated with the next update.
I'm very appreciative for all of these comments and the responsible way they are presented; I certainly was convicted to allow Spygot S&D to fix the problem and the internet is still alive and well; I haven't done a reboot yet, so I suppose that's the proof of the pudding so to speak; I have so many partitions and multiboot MBRs so I'll just have to remember to do this download again on the other MBR partitions; one thing I do with regularity and that is to get internet streaming radio from WABC in NYC...I'm on the west coast, that is.

We shall see.

whitneymuse
2007-07-13, 07:57
So, I'm hoping that problem is cured and it was something relatively new and recent and is now, gone...I have a couple other bootable partitions that I'll try on another day and come back to this one.

Michael777
2007-08-21, 23:33
I've received the same results and would like to know if these are dangerous or not. I have read the past posts and just don't understand what I read.

Microsoft.WindowsSecurityCenter.AntiVirusOverride: Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusOverride!=dword:0

Microsoft.Windows.IEFirewallBypass: Settings (Registry value, nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\C:\Program Files\Internet Explorer\IEXPLORE.EXE

Microsoft.Windows.IEFirewallBypass: Settings (Registry value, nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\C:\Program Files\Internet Explorer\IEXPLORE.EXE


--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---

2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2005-05-31 Update.exe (1.4.0.0)
2007-04-13 unins000.exe (51.41.0.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2007-05-23 advcheck.dll (1.5.3.0)
2007-07-31 Tools.dll (2.1.2.0)
2007-08-15 Includes\Cookies.sbi (*)
2007-08-15 Includes\Revision.sbi (*)
2005-02-17 Includes\Tracks.uti
2007-08-01 Includes\Malware.sbi (*)
2007-08-01 Includes\Spybots.sbi (*)
2007-08-01 Includes\Trojans.sbi (*)
2007-08-15 Includes\TrojansC.sbi (*)
2007-08-15 Includes\SpybotsC.sbi (*)
2007-08-15 Includes\SecurityC.sbi (*)
2007-08-15 Includes\PUPSC.sbi (*)
2007-08-15 Includes\MalwareC.sbi (*)
2007-08-15 Includes\KeyloggersC.sbi (*)
2007-08-15 Includes\HijackersC.sbi (*)
2007-08-15 Includes\DialerC.sbi (*)
2007-07-25 Includes\Dialer.sbi (*)
2007-07-11 Includes\Hijackers.sbi (*)
2007-05-30 Includes\Security.sbi (*)
2007-07-25 Includes\Keyloggers.sbi (*)
2007-08-08 Includes\PUPS.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2007-06-06 Plugins\TCPIPAddress.dll

The descriptions of these in spybot are not easy to understand, I'm confused.

md usa spybot fan
2007-08-22, 06:52
What anti-virus and firewall are you using?

gust0261
2007-09-06, 03:30
What does
migrate your windows over the network
mean?

I don't know if I do this or not.

We have a server we pull data off and I think our antivirus software is on the server.