PDA

View Full Version : Spybot - & Windows Firewall



Superstar31
2006-09-27, 19:19
So i've installed Spybot and updated to the lastest version as of 9.27.06. Anyways I'm using WinXP and ran Spybot. Normally i can't make changes to my windows firewall (locked by group polices/admin/higherup) So i can't change it on or off (default is off) Anyways after I ran spybot, it said something about the firewall, i figured it couldn't change it either so i just fixed all errors and what do you know, it turned ON windows firewall :( I can't change it back off and now that stupid firewall keeps asking permission for files. Is there a way to change it back? I can't change it under "Windows Firewall" (its grayed out)

Any help would be much appreciated...

Thanks

Superstar31
2006-09-27, 20:11
Fixed........

Changed the registry setting of

HKEY_Local_Machine\Software\Policies\Microsoft\windowsfireall\domainprofile\enablefirewall!=dword:0

I could be off on what i typed (letters might be incorrect)

but it fixed my problem.

md usa spybot fan
2006-09-27, 20:21
Post deleted.

Superstar31
2006-09-27, 20:26
21.09.2006 10:43:21 - ##### check started #####
21.09.2006 10:43:21 - ### Version: 1.4
21.09.2006 10:43:21 - ### Date: 9/21/2006 10:43:21 AM
21.09.2006 10:43:26 - ##### checking bots #####
21.09.2006 10:45:18 - found: Windows Security Center.AntiVirusDisableNotify Settings
21.09.2006 10:45:18 - found: Windows Security Center.FirewallDisabled Settings
21.09.2006 10:45:18 - found: Windows Security Center.FirewallDisableNotify Settings
21.09.2006 10:45:18 - found: Windows Security Center.UpdateDisableNotify Settings
21.09.2006 10:47:11 - found: HitsLink Tracking cookie (Internet Explorer: momiller)
21.09.2006 10:47:11 - found: DoubleClick Tracking cookie (Internet Explorer: momiller)
21.09.2006 10:47:11 - found: HitBox Tracking cookie (Internet Explorer: momiller)
21.09.2006 10:47:11 - found: HitBox Tracking cookie (Internet Explorer: momiller)
21.09.2006 10:47:11 - found: MediaPlex Tracking cookie (Internet Explorer: momiller)
21.09.2006 10:47:11 - found: Advertising.com Tracking cookie (Internet Explorer: momiller)
21.09.2006 10:47:12 - found: Avenue A, Inc. Tracking cookie (Internet Explorer: momiller)
21.09.2006 10:47:12 - found: Advertising.com Tracking cookie (Firefox: default)
21.09.2006 10:47:12 - found: Advertising.com Tracking cookie (Firefox: default)
21.09.2006 10:47:12 - found: Advertising.com Tracking cookie (Firefox: default)
21.09.2006 10:47:12 - found: Advertising.com Tracking cookie (Firefox: default)
21.09.2006 10:47:12 - found: Advertising.com Tracking cookie (Firefox: default)
21.09.2006 10:47:12 - found: Avenue A, Inc. Tracking cookie (Firefox: default)
21.09.2006 10:47:12 - found: DoubleClick Tracking cookie (Firefox: default)
21.09.2006 10:47:12 - found: FastClick Tracking cookie (Firefox: default)
21.09.2006 10:47:12 - found: FastClick Tracking cookie (Firefox: default)
21.09.2006 10:47:12 - found: FastClick Tracking cookie (Firefox: default)
21.09.2006 10:47:12 - found: FastClick Tracking cookie (Firefox: default)
21.09.2006 10:47:13 - found: MediaPlex Tracking cookie (Firefox: default)
21.09.2006 10:47:17 - ##### check finished #####




--- Report generated: 2006-09-21 10:47 ---

Windows Security Center.AntiVirusDisableNotify: Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify!=dword:0

Windows Security Center.FirewallDisabled: Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\windowsfirewall\domainprofile\enablefirewall!=dword:1

Windows Security Center.FirewallDisableNotify: Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify!=dword:0

Windows Security Center.UpdateDisableNotify: Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify!=dword:0

HitsLink: Tracking cookie (Internet Explorer: momiller) (Cookie, nothing done)


DoubleClick: Tracking cookie (Internet Explorer: momiller) (Cookie, nothing done)


HitBox: Tracking cookie (Internet Explorer: momiller) (Cookie, nothing done)


HitBox: Tracking cookie (Internet Explorer: momiller) (Cookie, nothing done)


MediaPlex: Tracking cookie (Internet Explorer: momiller) (Cookie, nothing done)


Advertising.com: Tracking cookie (Internet Explorer: momiller) (Cookie, nothing done)


Avenue A, Inc.: Tracking cookie (Internet Explorer: momiller) (Cookie, nothing done)


Advertising.com: Tracking cookie (Firefox: default) (Cookie, nothing done)


Advertising.com: Tracking cookie (Firefox: default) (Cookie, nothing done)


Advertising.com: Tracking cookie (Firefox: default) (Cookie, nothing done)


Advertising.com: Tracking cookie (Firefox: default) (Cookie, nothing done)


Advertising.com: Tracking cookie (Firefox: default) (Cookie, nothing done)


Avenue A, Inc.: Tracking cookie (Firefox: default) (Cookie, nothing done)


DoubleClick: Tracking cookie (Firefox: default) (Cookie, nothing done)


FastClick: Tracking cookie (Firefox: default) (Cookie, nothing done)


FastClick: Tracking cookie (Firefox: default) (Cookie, nothing done)


FastClick: Tracking cookie (Firefox: default) (Cookie, nothing done)


FastClick: Tracking cookie (Firefox: default) (Cookie, nothing done)


MediaPlex: Tracking cookie (Firefox: default) (Cookie, nothing done)



--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---

2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2006-09-21 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2006-02-06 advcheck.dll (1.0.2.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2006-02-20 Tools.dll (2.0.0.2)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2006-09-15 Includes\Cookies.sbi (*)
2006-09-15 Includes\Dialer.sbi (*)
2006-09-15 Includes\Hijackers.sbi (*)
2006-09-15 Includes\Keyloggers.sbi (*)
2006-09-15 Includes\Malware.sbi (*)
2006-09-15 Includes\PUPS.sbi (*)
2006-09-15 Includes\Revision.sbi (*)
2006-09-15 Includes\Security.sbi (*)
2006-09-15 Includes\Spybots.sbi (*)
2005-02-17 Includes\Tracks.uti
2006-09-15 Includes\Trojans.sbi (*)


**** You deleted your post, but here is the information anyways!! Also i didn't understand what you were saying, just what you were requesting

Superstar31
2006-09-27, 20:30
**********************************************************
That is still not the entry detection. We may be able to use Spybot > Recovery but you show the entry detection. Please post the Fixes.yymmdd-hhmm.log from when you did the "Fix selected problems" that caused the problem and possibly we can tell you to reverse what was done.

By default here are two Checks.yymmdd-hhmm logs produced during a scan. The second Checks.yymmdd-hhmm has the details of what the scan found. A Fixes.yymmdd-hhmm log is produced if you fix or attempt to fix something.

There are two methods to post the Fixes.yymmdd-hhmm.log:

* Method 1:
o Go into Spybot > Mode > Advanced mode > Tools > View Reports > View Pervious reports. Look for the Fixes.yymmdd-hhmm.log file that contains fix you want reversed. Open it. To copy the log to the Clipboard, right click on the listing and select Select All > Right click again and select Copy. Paste the contents of the Clipboard (Ctrl+V) into a new post in this thread.
* Method 2
o The Checks.yymmdd-hhmm.log and Fixes.yymmdd-hhmm.log files are stored in the following folders:
+ Windows 95 or 98:
C:\Windows\Application Data\Spybot - Search & Destroy\Logs
+ Windows ME:
C:\Windows\All Users\Application Data\Spybot - Search & Destroy\Logs
+ Windows NT, 2000 or XP:
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs
o Using Windows Explorer, navigate to the correct Fixes.yymmdd-hhmm.log. Double click on it and it should open with Notepad. To copy it to the Clipboard, right click on the listing and select Select All > Right click again and select Copy. Paste the contents of the Clipboard (Ctrl+V) into a new post in this thread
**********************************************************
You deleted this post and I didn't understand what you were saying

md usa spybot fan
2006-09-27, 20:40
I just wanted to see the actual detection so that I could help you. But by I posted you indidicated you had fixed the problem, so I deleted the post.

anthonyw808
2007-03-09, 04:02
How does spybot actually override Group Policy? Does it simply alter the registry key after login???