Scan Result
- Thread starter Charly
- Start date
Hi Eliuri,
I unchecked the second item (the first one was unchecked already) and a
consequent scan revealed the following:-
--- Search result list ---
Windows.Security.InternetExplorer: Settings (Registry change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet
Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\iexplore.exe!=W=1
Windows.Security.InternetExplorer: Settings (Registry change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Internet
Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\iexplore.exe!=W=1
Regards,
I unchecked the second item (the first one was unchecked already) and a
consequent scan revealed the following:-
--- Search result list ---
Windows.Security.InternetExplorer: Settings (Registry change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet
Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\iexplore.exe!=W=1
Windows.Security.InternetExplorer: Settings (Registry change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Internet
Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\iexplore.exe!=W=1
Regards,
Related or coincidence?
Eliuri and all
Recently I installed Adobe Creative Suite 2 (CS2), downloaded the new definitions, got the same error as those on this thread, but also, ALL of my .htm and .html file icons have turned to the generic icon, as if there were no program to open the files.
They are clearly associated with IE, open with IE when double-clicked upon, and in Folder Options/File Types/ I can see the association, and they open with IE when double-clicked upon.
Coincidence? Related? Bad timing? Bad luck?
Thanks,
folsombob
Eliuri and all
Recently I installed Adobe Creative Suite 2 (CS2), downloaded the new definitions, got the same error as those on this thread, but also, ALL of my .htm and .html file icons have turned to the generic icon, as if there were no program to open the files.
They are clearly associated with IE, open with IE when double-clicked upon, and in Folder Options/File Types/ I can see the association, and they open with IE when double-clicked upon.
Coincidence? Related? Bad timing? Bad luck?
Thanks,
folsombob
Folsombob wrote:
"They are clearly associated with IE, open with IE when double-clicked upon, and in Folder Options/File Types/ I can see the association, and they open with IE when double-clicked upon."
Hello folsombob:
I really don't know much about the technical aspects here, and what I posted last week was based on my own experience with this. I'm not familiar with Adobe Creative Suite.
But having said that, let me hazard a guess as to what might have happened here, and I suppose you can test it out rather easily.
When you prevented active content from running files on your computer, you essentially told IE not to run active content associated with .htm or .html files. Perhaps that's what's needed to enable those particular file icons from showing in their non-generic form. You might test this out by rechecking in that box in the Advanced--> Security scroll down in Internet Options. By reallowing it, you might get those icons to display as before. If so, I guess it's up to you if you wish to override this security setting of IE.
Another approach might be to install Mozilla-Firefox and to set it as your default browser , just to see if those earlier icons are restored. You can readily switch back to Internet Explorer as your default browser if you want to or if it doesn't resolve this. I find it much easier to get customized icons on Firefox than it is with IE and supposedly, they incur little if any security risks.
Might help and unlikely to hurt...
Good luck:
-Eliuri
"They are clearly associated with IE, open with IE when double-clicked upon, and in Folder Options/File Types/ I can see the association, and they open with IE when double-clicked upon."
Hello folsombob:
I really don't know much about the technical aspects here, and what I posted last week was based on my own experience with this. I'm not familiar with Adobe Creative Suite.
But having said that, let me hazard a guess as to what might have happened here, and I suppose you can test it out rather easily.
When you prevented active content from running files on your computer, you essentially told IE not to run active content associated with .htm or .html files. Perhaps that's what's needed to enable those particular file icons from showing in their non-generic form. You might test this out by rechecking in that box in the Advanced--> Security scroll down in Internet Options. By reallowing it, you might get those icons to display as before. If so, I guess it's up to you if you wish to override this security setting of IE.
Another approach might be to install Mozilla-Firefox and to set it as your default browser , just to see if those earlier icons are restored. You can readily switch back to Internet Explorer as your default browser if you want to or if it doesn't resolve this. I find it much easier to get customized icons on Firefox than it is with IE and supposedly, they incur little if any security risks.
Might help and unlikely to hurt...
Good luck:
-Eliuri
Hi again, Charly:
The possibility of this being a false positive has recently been raised in a few microsoft.public newsgroups. Hopefully, this will be sorted out soon. Might be best to leave it alone till the matter is resolved.
Check at:
microsoft.public.internetexplorer.security
and
microsoft.public.internetexplorer.general
with regard to an August 25 post on this matter.
I access those newsgroups via Outlook Express.
If I were you, I'd leave it as is till this matter is clarified.
Take care:
-Eliuri
IE oddity
Spybot was reporting Windows.Security.InternetExplorer continuously on my machine too, even after repeated 'cleans'. I checked my Internet Explorer advanced options and none of the following suspect options was checked (first three items under the sub-heading Security):
:bigthumb:
Spybot was reporting Windows.Security.InternetExplorer continuously on my machine too, even after repeated 'cleans'. I checked my Internet Explorer advanced options and none of the following suspect options was checked (first three items under the sub-heading Security):
- Allow active content from CDs to run on My Computer
- Allow active content to run in files on My Computer
- Allow software to run or install even if the signature is invalid
:bigthumb:
What I'd like to know is why when I right click on this key which Spybot has flagged after the latest definitions were installed
Windows.Security.InternetExplorer: Settings (Registry change, nothing done)
HKEY_USERS\S-1-5-21-1627089689-3221996064-4092179728-1005\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\iexplore.exe!=W=1
Spybot takes me to this key in the registry:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates
\AuthRoot\Certificates\049811056AFE9FD0F5BE01685AACE6A5D1C4454C
A key regarding Root Certs has nothing to do with the key detected by Spybot as having changed. This odd discrepancy alerted me immediately to the possibility of a FP. I am telling Spybot to ignore this until we get some official determination about it.
Windows.Security.InternetExplorer: Settings (Registry change, nothing done)
HKEY_USERS\S-1-5-21-1627089689-3221996064-4092179728-1005\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\iexplore.exe!=W=1
Spybot takes me to this key in the registry:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates
\AuthRoot\Certificates\049811056AFE9FD0F5BE01685AACE6A5D1C4454C
A key regarding Root Certs has nothing to do with the key detected by Spybot as having changed. This odd discrepancy alerted me immediately to the possibility of a FP. I am telling Spybot to ignore this until we get some official determination about it.
md usa spybot fan
Spybot Advisor Team [Retired]
Mele20:
I believe that you may be misinterpreting what is happening.
It appears that expanding the Windows.Security.InternetExplorer detection, highlighting and right clicking on the detailed entry > selecting "More details" > "Jump to location" opens the Registry Editor. However, it appears to me that the Registry Editor opens to wherever it was left when it was last use, not to the specific registry key in the detection or any other specific entry.
I believe that you may be misinterpreting what is happening.
It appears that expanding the Windows.Security.InternetExplorer detection, highlighting and right clicking on the detailed entry > selecting "More details" > "Jump to location" opens the Registry Editor. However, it appears to me that the Registry Editor opens to wherever it was left when it was last use, not to the specific registry key in the detection or any other specific entry.
Last edited:
Hi Eliuri,
sorry for pestering you again but the latest scan result still show the same old findings:-
--- Report generated: 2006-09-03 16:56 ---
Windows.Security.InternetExplorer: Settings (Registry change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\iexplore.exe!=W=1
Windows.Security.InternetExplorer: Settings (Registry change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\iexplore.exe!=W=1
--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---
---------------------------------------------------
I followed the recommendations as posted by "Viral" dated 08/27/06 19:22 but without any success.
Was wondering if anything *new* has transpired to rectify these persistent findings.
I am a novice and my computer terminologies are not up to scratch but am willing to try anything. If available, would appreciate some easy-to-read 'cum' easy-to-implement guidance.
With best regards,
Charly.
sorry for pestering you again but the latest scan result still show the same old findings:-
--- Report generated: 2006-09-03 16:56 ---
Windows.Security.InternetExplorer: Settings (Registry change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\iexplore.exe!=W=1
Windows.Security.InternetExplorer: Settings (Registry change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\iexplore.exe!=W=1
--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---
---------------------------------------------------
I followed the recommendations as posted by "Viral" dated 08/27/06 19:22 but without any success.
Was wondering if anything *new* has transpired to rectify these persistent findings.
I am a novice and my computer terminologies are not up to scratch but am willing to try anything. If available, would appreciate some easy-to-read 'cum' easy-to-implement guidance.
With best regards,
Charly.
Hi again Charly:
You could place those two items in the Ignore Single Entries list the next time they appear in the scan result. You've already asked Spybot to correct them, and they simply reappeared. Possibly a future definition update will correct this. You could try removing it from ignore when the next definition file is downloaded, and re-ignore them if its still flagged.. Anyhow, I guess that's what I would do...
I don't know enough about the registry to speculate as to the problem, but it seems others are having difficulties with this finding as well.
Take care;
-Eliuri
You could place those two items in the Ignore Single Entries list the next time they appear in the scan result. You've already asked Spybot to correct them, and they simply reappeared. Possibly a future definition update will correct this. You could try removing it from ignore when the next definition file is downloaded, and re-ignore them if its still flagged.. Anyhow, I guess that's what I would do...
I don't know enough about the registry to speculate as to the problem, but it seems others are having difficulties with this finding as well.
Take care;
-Eliuri
Thanks Eliuri.
Mystified Old Dude
Hi, Spybot lovers;
I can't make this thing go away and you guys are talking about things I have yet to comprehend. S&D does not blow it away despite the fact that it thinks it does.
Does anyone know if this little glitch threatens us or should we ignore it?
System seems to be doing OK, however this bugger jumped out at me after I mistakenly downloaded some S/W accompanying BSPlayer download, which immediately made itself look like it was trying to get into my communications, etc.
Any feedback would be appreciated.
Hi, Spybot lovers;
I can't make this thing go away and you guys are talking about things I have yet to comprehend. S&D does not blow it away despite the fact that it thinks it does.
Does anyone know if this little glitch threatens us or should we ignore it?
System seems to be doing OK, however this bugger jumped out at me after I mistakenly downloaded some S/W accompanying BSPlayer download, which immediately made itself look like it was trying to get into my communications, etc.
Any feedback would be appreciated.
Hi Outsider,
I am a NEWBIE here also. I am no computer wiz. I spend hours at a time searching for answers!
This issue was no different! I contacted SPYBOT who gave me a list of websites, (including this thread), .....all of which are mentioned in this thread (some of which I had found on my own).
On my own, nothing made sense! But coming here, reading post by post, going to the link when it appears, it started making some sense. I do not understand it all, but it makes a lot more sense than it did before coming here.
This place is :bigthumb: Thank you all so much for the info!:heart: :heart: :angel: :angel: I greatly appreciate it. I can finally move on to other things!!!!!!
: Learn 2
I am a NEWBIE here also. I am no computer wiz. I spend hours at a time searching for answers!
This issue was no different! I contacted SPYBOT who gave me a list of websites, (including this thread), .....all of which are mentioned in this thread (some of which I had found on my own).
On my own, nothing made sense! But coming here, reading post by post, going to the link when it appears, it started making some sense. I do not understand it all, but it makes a lot more sense than it did before coming here.
This place is :bigthumb: Thank you all so much for the info!:heart: :heart: :angel: :angel: I greatly appreciate it. I can finally move on to other things!!!!!!
: Learn 2musicalpulltoy
New member
:spider:
it still exist 3 years later
Microsoft.Windows.Security.InternetExplorer: [SBI $366713D4] Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\iexplore.exe
it still exist 3 years later
Microsoft.Windows.Security.InternetExplorer: [SBI $366713D4] Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\iexplore.exe
spybotsandra
New member
Hello,
It might be the best next time to open a new thread instead of posting in a 7 year old one.
So which Spybot version do you run?
Which Windows version do you have?
Best regards
Sandra
Team Spybot
It might be the best next time to open a new thread instead of posting in a 7 year old one.
So which Spybot version do you run?
Which Windows version do you have?
Best regards
Sandra
Team Spybot