truly negative false positives



prosayist
2006-09-25, 08:58
Having run spybot earlier, I removed 45 tracking cookies from firefox. I've looked over the log from that (as well as looked over the actual results in the S&D program two hours ago) and they all were definitely cookies; Legitimate results. Also removed was the default C:\WINDOWS\WEB\RELATED.HTM - no big deal, it's all good.

Then I updated the 'Advanced detection library', 'Detection rules', 'Detection support library', 'English descriptions', 'English help', 'English help for TeaTimer', 'English ' & 'Immunization database' and ran the 'Check for problems' again.
[9/24/2006 11:22:54 PM Downloaded update info file. (http://www.safer-networking.org/updates/spybotsd.ini)]

This time I got seven more "problems" as listed below. I searched through these forums just a little bit but didn't find much that helped. Maybe you (somebody) can correct this update or tell me something I don't know?

AdvancedSearchBar: Class ID (Registry key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Vicman Software
(this is actually "Free Download Manager" (hxxp://www.freedownloadmanager.org/), which is no spyware but very good software; it even sports a SOFTPEDIA "100% FREE" AWARD (http://www.softpedia.com/progClean/Free-Download-Manager--build--Final-Clean-13192.html))

CoolWWWSearch: Bookmark (Firefox: default) (Bookmark, nothing done)
(this is actually only a bookmark to Word Detective (http://www.word-detective.com/))

Unknown: Bookmark (Firefox: default) (Bookmark, nothing done)
(this bookmark is to The Freenet Project (http://freenetproject.org/))

CoolWWWSearch: Bookmark (Firefox: default) (Bookmark, nothing done)
(this bookmark is a search for plugins at http://opera.com)

Winsoftware.WinAntiVirusPro2006: Bookmark (Firefox: default) (Bookmark, nothing done)
(this bookmark is for 'Columbia Encyclopedia - Bartleby.com (http://www.bartleby.com/65/)' )

Vcodec.eMedia: Bookmark (Firefox: default) (Bookmark, nothing done)
(this bookmark is for http://www.harvard.edu )

Smitfraud-C.: Bookmark (Firefox: default) (Bookmark, nothing done)
(this bookmark is Franklin Institute Online (http://www.fi.edu) )

SpywareQuake: Bookmark (Firefox: default) (Bookmark, nothing done)
(this bookmark is for the Crystal VST audio plugin (http://greenoak.com/crystal/) )

--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---

2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2006-09-23 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2006-02-06 advcheck.dll (1.0.2.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2006-02-20 Tools.dll (2.0.0.2)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2006-09-22 Includes\Cookies.sbi (*)
2006-09-22 Includes\Dialer.sbi (*)
2006-09-22 Includes\Hijackers.sbi (*)
2006-09-22 Includes\Keyloggers.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2006-09-22 Includes\Malware.sbi (*)
2006-09-22 Includes\PUPS.sbi (*)
2006-09-22 Includes\Revision.sbi (*)
2006-09-22 Includes\Security.sbi (*)
2006-09-22 Includes\Spybots.sbi (*)
2005-02-17 Includes\Tracks.uti
2006-09-22 Includes\Trojans.sbi (*)

thanks,
-Dan

Yodama
2006-09-25, 13:55
hi,

AdvancedSearchBar: Class ID (Registry key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Vicman Software

is a false positive and will be removed from detection with the next update, scheduled for the end of the week.

the bookmarks appear to be falsely flagged as well, but I have not been able to recreate the false positives with your info about them.
please provide info about the bookmarks, like how you named them in the browser and the name of the folder they are in.


please note that freedownloadmanager seems to be ok, but the website provides links to a lot of bad downloads such as trojans, thus we disabled the link to freedownloadmanager's website.

prosayist
2006-09-26, 02:25
CoolWWWSearch: Bookmark (Firefox: default) (Bookmark, nothing done)
Name: Word Detective
Location: http://www.word-detective.com/
Folder: Bookmarks/REF/Dictionary/language

Unknown: Bookmark (Firefox: default)
Name: The Freenet Project - index - beginner
Location: http://www.freenetproject.org/
Folder: Bookmarks/REF/DICTIONARY/language

CoolWWWSearch: Bookmark (Firefox: default)
Name: Opera KB - plugins search
Location: http://www.opera.com/support/search/supsearch.dml?keyword=plugins&maximumhits=15&platform=winnew
Folder: Bookmarks/Opera/Opera/voice

Winsoftware.WinAntiVirusPro2006: Bookmark (Firefox: default)
Name: Columbia Encyclopedia - Bartleby.com
Location: http://www.bartleby.com/65/
Folder: Bookmarks/REF/ENCYCLOPEDIA

Vcodec.eMedia: Bookmark (Firefox: default)
Name: Harvard
Location: http://www.harvard.edu/
Folder: Bookmarks/REF/Research

Smitfraud-C.: Bookmark (Firefox: default)
Name: Franklin Institute Online
Location: http://www.fi.edu/
Folder: Bookmarks/REF/Science

SpywareQuake: Bookmark (Firefox: default)
Name: Crystal VST
Location: http://www.greenoak.com/crystal/
Folder: Bookmarks/WHTT
-------------------------
just did another scan that didn't include the bookmarks but only:

AdvancedSearchBar: Class ID (Registry key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Vicman Software

("Free Download Manager (http://www.freedownloadmanager.org/)")

/advanced Searchbar
2006-10-03, 02:39
My product is named Advanced Searchbar (it can be found at http://www.advancedsearchbar.com), which has absolutely no spyware, no adware, no malware but some people are going to be confused with whatever you are detecting being named the same as my toolbar. An example can be found here http://www.download.com/Advanced-Searchbar/3640-12770_4-10583419.html?tag=tab_ur

Please rename it so that it's not confused with my toolbar.

Thank you,
Gerald O'Dea
Advanced Search Technologies, Inc.

md usa spybot fan
2006-10-03, 07:04
Please rename it so that it's not confused with my toolbar.
There is no longer a detection within Spybot-S&D named "AdvancedSearchBar". It was removed with the 2006-09-29 updates.