View Full Version : Ignore or fix red detections?



antenner
2007-11-09, 20:16
I have a long list of green detections, so long that it aborted the search, and a short list of red detections related to Microsoft.Windows.Security.InternetExplorer and antivirusdisable, and firewalldisable in the windowssecuritycenter section.

If I feel that these red items were normally expected changes to do with decisions I made with my antivirus, do I have them "fixed" anyway or "ignore" them? How do you set them to not be red any more? I do want to know if a virus makes a change in the future so I would be afraid to turn the item off entirely.

And I have no idea when one is supposed to leave a green item alone or what are the consequences of "fixing" something. I'm afraid to hurt my computer. Is it safe to just tell it to "fix all"? I'm also not clear what is being done in Immunize.

The next post contains my detections report. Can I safely "fix all" without something being removed that will harm my use of the computer?

I don't want spyware cookies on the computer. I do probably want to be able to see my recent documents in Word but that's about it.

antenner
2007-11-09, 20:18
--- Search result list ---
WildTangent: [SBI $3A3BDC07] Program directory (Directory, nothing done)
C:\WINDOWS\wt\

Microsoft.Windows.Security.InternetExplorer: [SBI $366713D4] Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\iexplore.exe

Microsoft.Windows.Security.InternetExplorer: [SBI $A3433CBF] Settings (Registry change, nothing done)
HKEY_USERS\S-1-5-21-1309460317-2376740472-538525854-1003\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\iexplore.exe

Microsoft.WindowsSecurityCenter.AntiVirusDisableNotify: [SBI $5509538C] Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify

Microsoft.WindowsSecurityCenter.FirewallDisableNotify: [SBI $8CFC8C85] Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify

Common Dialogs: [SBI $2D4720C9] History (315 files) (Registry key, nothing done)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU




next post part 2

antenner
2007-11-09, 20:19

next is part 3

antenner
2007-11-09, 20:20
SORRY meant to call this Part 3, can't edit post title, can't fit the list in the post either



antenner
2007-11-09, 20:22

antenner
2007-11-09, 20:25
It's too long to put it all here, I didn't realize that. This thing is 145 pages long. Why is it so long? I don't know how to show you the detections report as it looks in Spybot since the right-click to copy the report retrieves so much more than I thought.

antenner
2007-11-09, 20:29
Additionally, usage tracks detections I found mention: "Logs won't be deleted, just moved to a folder inside the Spybot-S&D directory to make it more difficult for spies to automatically detect them."

What if I ever uninstall Spybot? Won't I have lost whatever it was that was in this folder inside Spybot? And do I need it?

spybotsandra
2007-11-10, 01:54
Hello,

Spybot - Search & Destroy is detecting Windows Security Center associated with Microsoft Security Center Registry changes. This is neither a false positive nor a bug. It is just information.
Spybot-S&D only wants to bring to your attention that "someone" disabled one or more notifications in the Windows Security Center, e.g. the notifications that your virus protection is not active or not up-to-date. If you changed the settings yourself you can safely tell Spybot-S&D to exclude those detections from further scans.
In order to do so please right-click each in turn, then click "exclude this detection from future scans". That way, should any other part of security center settings change, Spybot-S&D will still detect those.
The same is true if you have another security solution installed (like McAfee Security Center or Norton Internet Security). These programs also disable the Windows Security Center in order to take care of things themselves.
The reason why the changes are flagged by Spybot-S&D is that there are also malware programs that disable the notifications so the user doesn't take note of his security tools not being effective.

Some more information is also available in our forum:
http://forums.spybot.info/showthread.php?t=87

Usage tracks are your fingerprints in your system. Whenever you visit a page with your browser, or just open any file, that information is stored deep inside Windows. In most cases that is very useful – if you want to open that file again, you can select it from a list instead of typing the whole filename or browsing the whole directory structure again.

But in some cases you may want to hide your activity, because spyware and internet attackers may use that information. Spybot-Search&Destroy can remove some of the most important and common tracks on your system.
You may still decide to keep a threat, or just a usage track. Maybe you don't want your list of most recently used Word documents removed?
At this point you have three options.

* You could decide on ignoring all usage tracks. In that case you could open the File sets page on the Settings section of the program, and disable the Usage tracks entries.
* Or if you want to just keep all tracks from a specific product, just right-click a product in the results list.
* Finally, if you want to keep just one file, that is possible the same way.

The usage tracks that Spybot stores are not needed in that form. It is only a result of a scan. So when you uninstall Spybot you won't miss any important files that are related to usage tracks.

Best regards
Sandra
Team Spybot
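
Added example (not part of the original thread and not Spybot-S&D's own code): a Python parser for a pasted search result list in the format shown in this thread, which pulls out the Security Center and Internet Explorer security-setting entries discussed in the reply above and collapses everything else to a per-product count. The product-name prefixes used for sorting are an assumption based on the names in the posted report; the sample reuses entries from that report plus two constructed `Log` entries with placeholder IDs.

```python
import re
from collections import Counter

# Header line of one report entry, for example:
#   Common Dialogs: [SBI $2D4720C9] History (315 files) (Registry key, nothing done)
# The description may contain its own parentheses, so the trailing
# "(type, action)" group is anchored to the end of the line.
ENTRY_RE = re.compile(
    r"^(?P<product>.+?): \[SBI \$(?P<sbi>[0-9A-Fa-f]{8})\] "
    r"(?P<description>.*) \((?P<kind>[^(),]+), (?P<action>[^()]+)\)$"
)

# Assumption: product names starting with these prefixes are the
# security-setting detections the thread talks about.
SECURITY_PREFIXES = (
    "Microsoft.WindowsSecurityCenter.",
    "Microsoft.Windows.Security.",
)

def parse_report(text):
    """Turn the pasted report into a list of dicts, one per detection."""
    entries = []
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("---"):
            continue  # blank line or the "--- Search result list ---" banner
        match = ENTRY_RE.match(line)
        if match:
            current = match.groupdict()
            current["locations"] = []
            entries.append(current)
        elif current is not None:
            # Any other line is the file or registry path of the last entry.
            current["locations"].append(line)
    return entries

def triage(entries):
    """Split entries into (security settings, everything else)."""
    security, other = [], []
    for entry in entries:
        bucket = security if entry["product"].startswith(SECURITY_PREFIXES) else other
        bucket.append(entry)
    return security, other

def setting_name(entry):
    """Last path component of the entry's first location."""
    if not entry["locations"]:
        return ""
    return entry["locations"][0].rstrip("\\").rsplit("\\", 1)[-1]

def summarize_other(entries):
    """Count entries per product so a long list shrinks to a few lines."""
    return Counter(entry["product"] for entry in entries)

# Sample input: entries from the report posted in this thread, followed by
# two CONSTRUCTED Log entries (placeholder SBI IDs and paths).
SAMPLE_REPORT = r"""
--- Search result list ---
WildTangent: [SBI $3A3BDC07] Program directory (Directory, nothing done)
C:\WINDOWS\wt\

Microsoft.Windows.Security.InternetExplorer: [SBI $366713D4] Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\iexplore.exe

Microsoft.WindowsSecurityCenter.AntiVirusDisableNotify: [SBI $5509538C] Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify

Microsoft.WindowsSecurityCenter.FirewallDisableNotify: [SBI $8CFC8C85] Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify

Common Dialogs: [SBI $2D4720C9] History (315 files) (Registry key, nothing done)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU

Log: [SBI $00000000] Activity: first.log (Backup file, nothing done)
C:\EXAMPLE\first.log

Log: [SBI $00000000] Activity: second.log (Backup file, nothing done)
C:\EXAMPLE\second.log
"""

if __name__ == "__main__":
    security, other = triage(parse_report(SAMPLE_REPORT))
    print("Security-setting entries to review by hand:")
    for entry in security:
        print(f"  {entry['product']} -> {entry['locations'][0]}")
    print("Everything else, by product:")
    for product, count in summarize_other(other).most_common():
        print(f"  {count:4d}  {product}")
```
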

antenner
2007-11-11, 01:31
Thanks, I was partly wondering about the danger of deleting the usage tracks. But I went ahead and just let Spybot fix everything and thus far nothing has stopped working, fingers crossed.

I don't understand why the report is so long and how to tell which things I need to worry about.

DrWhoFL
2007-11-11, 17:34
> Thanks, I was partly wondering about the danger of deleting the usage tracks. But I went ahead and just let Spybot fix everything and thus far nothing has stopped working, fingers crossed.
>
> I don't understand why the report is so long and how to tell which things I need to worry about.

May I weigh in on this topic?

Thank you.

I'm in the computer security business and I DO install Spybot S&D for all my home computer customers.

If I shut off Automatic updates, for instance, I tell Spybot to exclude that from future scans.

An extended list of log files tells me that your computer is really loaded with junk. Three months after a clean install of Windows XP-pro on my own PC, I did a search for .log files and was horrified to get over 4000 hits.
Since then I do a search and destroy for .log files as a part of my weekly maintenance routine.
I use "Easy Cleaner 2" to accomplish this little task, by adding *.log to the Find box in 'Remove Unnecessary Files'.
Easy Cleaner will NOT remove any log file currently being used (open) by windows.
So far, I've seen no 'Down-Side' to doing this and it does keep my HD a lot cleaner.

File control and maintenance does NOT happen by accident, you have to work at it, a little bit anyway.

Usage tracks? Do you mean "MRU's"?
Those things are like newspapers... they will build up forever till you throw them out. I do this daily with a little utility called "MRU Blaster". Been running it for years.

I think in your case, I'd just let Spybot S&D do its thing. It does it so well.

Cheers Mate!
The Doctor

antenner
2007-11-11, 19:50
Thanks, Doctor. All I meant by usage tracks was that I had a ton of "green" results in addition to red ones. The red ones had to do with Windows Security or something, probably was me turning McAfee on and off. I probably can't tell it to ignore that in case a virus manages to do the same thing....

The green detections were a ton of things, almost every piece of software on my computer seemed to be included in some way. I did tell Spybot to fix everything and at present that seems to have not hurt.

My computer has been running sort of slow at times. I tried to uncheck some of the things that load up when windows starts using MSCONFIG. I am in a Selective Startup all the time. I hope there's nothing wrong with that. One woman from AOL mistakenly told me I'm supposed to ordinarily be in NORMAL startup and when I did that I had all sorts of extra things starting that I didn't want.

I also hate how McAfee constantly reminds me to check for a new update, which to me means it's working in the background more than I want it to, maybe serving as spyware. I can't get it to stop completely even temporarily unless I were to completely uninstall it. Years ago antivirus could be turned off by right-clicking an icon. Not with McAfee at the moment; it only partially turns off. And I don't know if AVG would be any better about allowing me to turn it off if I want it off sometimes.

As for Logs, all I know is I had a bunch of green entries and I copied and pasted here the full report not realizing they'd show any "log" entries. I hope logs don't do anything useful. I'll check into the software you've mentioned. I'd like to have a lot less extra stuff being stored on my computer, a lot fewer processes running without my being aware, and a lot more control over what is going on but without making it hard to use the computer.

I also run into a lot of trouble with phishing attempts at Myspace while maintaining a band page. Sometimes these are messages that display ad jpgs with embedded links that might be trying to attack my computer. One time I mistakenly clicked one of those (it was a counterfeit of a reply button) without remembering I'd temporarily turned off my antivirus, although I MAY have had TeaTimer on and certainly had NoScript running. Then I ran McAfee and found nothing. After that I ran Spybot and wrote you folks.

I guess I was lucky this time as far as that link putting a virus on my computer because hopefully McAfee or Spybot would have located it. I also have McAfee firewall. Am thinking of switching to AVG antivirus if it will allow me to turn it completely off without popups when I occasionally want that.