Page 2 of 5 FirstFirst 12345 LastLast
Results 11 to 20 of 43

Thread: Microsoft.Windows.AppFirewallBypass

  1. #11
    Senior Member Yodama's Avatar
    Join Date
    Oct 2005
    Location
    Buchenheim
    Posts
    1,110

    Default

    It is not a false positives unless you want your Internet Explorer to accept incoming requests. The normal use for the IE is to sent request not to accept them, meaning that it is acting as a client not a server.
    In some cases however it may be required for the IE to accept incoming requests, for instance if you make an online scan. But the IE should only be able to accept requests for such special purposes, after that you should unauthorize the IE for the Windows Firewall , so that you are aware if a website tries to make requests to your browser.
    If you scan online often you may want to set
    Microsoft.Windows.IEFirewallBypass
    to the ignored products list. You can also configure the Windows Firewall to ask again and not authorize permanently.
    born in the shadow to die in the shadow, that is the fate of the shinobi

    Spybot S&D Downloads

    Please help us improve Spybot and download our distributed testing client.

  2. #12
    Member
    Join Date
    Jan 2007
    Location
    UK
    Posts
    39

    Default

    I'm getting this alert too (but only after today's update), but even after reading the above posts I don't understand what it means, nor what to do about it.

    1. I don't use the Windows firewall. It's switched off. I use the AVG firewall.
    2. Internet Explorer is not selected as an exception in Windows Firewall.

    Could someone please explain clearly why we are getting this alert (even when Windows firewall is off, and IE is NOT a selected exception) and explain precisely what action we should take about this alert?

  3. #13
    Junior Member
    Join Date
    May 2006
    Posts
    18

    Default

    Yodama:
    Sorry I don't know if it's a matter of English or how I'm expressing myself. Please indicate your recommendation: (a) or (b) please. I just surf the net, I don't do anything special or clever.

  4. #14
    Senior Member Yodama's Avatar
    Join Date
    Oct 2005
    Location
    Buchenheim
    Posts
    1,110

    Default

    @Alan D

    Spybot looks for what has been entered into the list of authorised applications, it does not matter if the entry is disabled or enabled, even if the Windows Firewall is deactivated.

    Fixing this will remove the IE from the list of authorized applications for the Windows Firewall only, it will have no effet on the AVG Firewall.

    And it will have no effect on the normal internet browsing with the IE.
    born in the shadow to die in the shadow, that is the fate of the shinobi

    Spybot S&D Downloads

    Please help us improve Spybot and download our distributed testing client.

  5. #15
    Junior Member
    Join Date
    Jun 2007
    Posts
    20

    Default About IEFirewallBypass

    Hello, I am just new on this forum and, more, I am french, so sorry for my poor english...
    As others, I have this dection since yesterday update:
    Microsoft.Windows.IEFirewallBypass: Réglages (Valeur du registre, nothing done)
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\C:\Program Files\Internet Explorer\IEXPLORE.EXE

    Microsoft.Windows.IEFirewallBypass: Réglages (Valeur du registre, nothing done)
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\C:\Program Files\Internet Explorer\IEXPLORE.EXE

    I read the different posts and have understood the problem, I think.
    But my question is:
    1. Is it necessary to fix it? A security necessity? (I use McAfee fire wall)
    2. Or just exclude it of next scans by right-click?
    Thank you and regards.
    Last edited by jerome1951; 2007-06-21 at 11:58.

  6. #16
    Senior Member Yodama's Avatar
    Join Date
    Oct 2005
    Location
    Buchenheim
    Posts
    1,110

    Default

    Hello jerome1951,

    if you have a personal firewall like the McAfee or AVG firewall running, there is no necessity in terms of security to have Spybot fix this. Your personal firewall already watches over incoming and outgoing connections, and there no need to use the Windows Firewall and another personal firewall.

    This is only of concern if only the Windows Firewall is being used.
    born in the shadow to die in the shadow, that is the fate of the shinobi

    Spybot S&D Downloads

    Please help us improve Spybot and download our distributed testing client.

  7. #17
    Member
    Join Date
    Jan 2007
    Location
    UK
    Posts
    39

    Default

    Thanks Yodama, I'm starting to understand a bit more now what's going on.

    1. Are we getting this alert (which has never appeared before) ...
    (a) because something has changed in our computers? or
    (b) because this is a new detection only recently added to Spybot' database?

    2. If I were to delete the Internet Explorer exception entry in the Windows firewall configuration, rather than merely untick it as at present, would that do basically the same job as letting Spybot fix the 'issue'?

  8. #18
    Member
    Join Date
    Jan 2007
    Location
    UK
    Posts
    39

    Default

    Quote Originally Posted by Yodama View Post
    if you have a personal firewall like the McAfee or AVG firewall running, there is no necessity in terms of security to have Spybot fix this.
    Ah!!! This is really important information! Thank you.

  9. #19
    Junior Member
    Join Date
    Jun 2007
    Posts
    20

    Default

    Thank you Yodama for your quick answer.
    So, according to you, can I exclude the detection of next scans by right-click to recover serenity and a clean scan?
    It seems to be more an INFORMATION than an INFECTION, am I right? More or less the same thing that "Windows Security Center"?
    Regards.
    Last edited by jerome1951; 2007-06-21 at 12:14.

  10. #20
    Junior Member
    Join Date
    May 2006
    Posts
    18

    Default

    Still not understanding Yodama's remarks, I've just added the two entries to the 'ignore single entries'.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •