
Thread: Ignore or fix red detections?

  1. #1
    Junior Member
    Join Date: Sep 2007
    Posts: 9

    Ignore or fix red detections?

    I have a long list of green detections, so long that it aborted the search, and a short list of red detections related to Microsoft.Windows.Security.InternetExplorer and antivirusdisable, and firewalldisable in the windowssecuritycenter section.

    If I feel that these red items were normally expected changes to do with decisions I made with my antivirus, do I have them "fixed" anyway or "ignore" them? How do you set them to not be red any more? I do want to know if a virus makes a change in the future so I would be afraid to turn the item off entirely.

    And I have no idea when one is supposed to leave a green item alone or what are the consequences of "fixing" something. I'm afraid to hurt my computer. Is it safe to just tell it to "fix all"? I'm also not clear what is being done in Immunize.

    The next post contains my detections report. Can I safely "fix all" without something being removed that will harm my use of the computer?

    I don't want spyware cookies on the computer. I do probably want to be able to see my recent documents in Word but that's about it.

  2. #2
    Junior Member
    Join Date: Sep 2007
    Posts: 9

    my detection list part 1

    --- Search result list ---
    WildTangent: [SBI $3A3BDC07] Program directory (Directory, nothing done)
    C:\WINDOWS\wt\

    Microsoft.Windows.Security.InternetExplorer: [SBI $366713D4] Settings (Registry change, nothing done)
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\iexplore.exe

    Microsoft.Windows.Security.InternetExplorer: [SBI $A3433CBF] Settings (Registry change, nothing done)
    HKEY_USERS\S-1-5-21-1309460317-2376740472-538525854-1003\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\iexplore.exe

    Microsoft.WindowsSecurityCenter.AntiVirusDisableNotify: [SBI $5509538C] Settings (Registry change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify

    Microsoft.WindowsSecurityCenter.FirewallDisableNotify: [SBI $8CFC8C85] Settings (Registry change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify

    Common Dialogs: [SBI $2D4720C9] History (315 files) (Registry key, nothing done)
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU




    next post part 2

  3. #3
    Junior Member
    Join Date: Sep 2007
    Posts: 9

    detections list part 2

    next is part 3

  4. #4
    Junior Member
    Join Date: Sep 2007
    Posts: 9

    detections part 4

    SORRY meant to call this Part 3, can't edit post title, can't fit the list in the post either


    Last edited by antenner; 2007-11-09 at 20:22. Reason: wrong title

  5. #5
    Junior Member
    Join Date: Sep 2007
    Posts: 9

    next part


  6. #6
    Junior Member
    Join Date: Sep 2007
    Posts: 9

    report too long

    It's too long to put it all here, I didn't realize that. This thing is 145 pages long. Why is it so long? I don't know how to show you the detections report as it looks in Spybot since the right-click to copy the report retrieves so much more than I thought.

  7. #7
    Junior Member
    Join Date: Sep 2007
    Posts: 9

    usage tracks and consequence of uninstalling spybot later

    Additionally, usage tracks detections I found mention: "Logs won't be deleted, just moved to a folder inside the Spybot-S&D directory to make it more difficult for spies to automatically detect them."

    What if I ever uninstall Spybot? Won't I have lost whatever it was that was in this folder inside Spybot? And do I need it?

  8. #8
    Senior Member
    Join Date: Oct 2005
    Location: Germany
    Posts: 5,263

    Hello,

    Spybot - Search & Destroy is detecting Windows Security Center associated with Microsoft Security Center Registry changes. This is neither a false positive nor a bug. It is just information.
    Spybot-S&D only wants to bring to your attention that "someone" disabled one or more notifications in the Windows Security Center, e.g. the notifications that your virus protection is not active or not up-to-date. If you changed the settings yourself you can safely tell Spybot-S&D to exclude those detections from further scans.
    In order to do so please right-click each in turn, then click "exclude this detection from future scans". That way, should any other part of security center settings change, Spybot-S&D will still detect those.
    The same is true if you have another security solution installed (like McAfee Security Center or Norton Internet Security). These programs do also disable the Windows Security Center in order to take care of things themselves.
    The reason why the changes are flagged by Spybot-S&D is that there are also malware programs that disable the notifications so the user doesn't take note of his security tools not being effective.

    Some more information is also available in our forum:
    http://forums.spybot.info/showthread.php?t=87

    Usage tracks are your fingerprints in your system. Whenever you visit a page with your browser, or just open any file, that information is stored deep inside Windows. In most cases that is very useful – if you want to open that file again, you can select it from a list instead of typing the whole filename or browsing the whole directory structure again.

    But in some cases you may want to hide your activity, because spyware and internet attackers may use that information. Spybot-Search&Destroy can remove some of the most important and common tracks on your system.
    You may still decide to keep a threat, or just a usage track. Maybe you don't want your list of most recently used Word documents removed?
    At this point you have three options.

    * You could decide on ignoring all usage tracks. In that case you could open the File sets page in the Settings section of the program, and disable the Usage tracks entries.
    * Or if you want to just keep all tracks from a specific product, just right-click a product in the results list.
    * Finally, if you want to keep just one file, that is possible the same way.

    The usage tracks that Spybot stores are not needed in that form. It is only a result of a scan. So when you uninstall Spybot you won't miss any important files that are related to usage tracks.

    Best regards
    Sandra
    Team Spybot

  9. #9
    Junior Member
    Join Date: Sep 2007
    Posts: 9

    Thanks, I was partly wondering about the danger of deleting the usage tracks. But I went ahead and just let Spybot fix everything and thus far nothing has stopped working, fingers crossed.

    I don't understand why the report is so long and how to tell which things I need to worry about.
    Last edited by antenner; 2007-11-11 at 01:34.

  10. #10
    Junior Member
    Join Date: Nov 2007
    Location: Central FL, USA
    Posts: 13

    Originally posted by antenner:
    "Thanks, I was partly wondering about the danger of deleting the usage tracks. But I went ahead and just let Spybot fix everything and thus far nothing has stopped working, fingers crossed.

    "I don't understand why the report is so long and how to tell which things I need to worry about."

    May I weigh in on this topic?

    Thank you.

    I'm in the computer security business and I DO install Spybot S&D for all my home computer customers.

    If I shut off Automatic updates, for instance, I tell Spybot to exclude that from future scans.

    An extended list of log files tells me that your computer is really loaded with junk. Three months after a clean install of Windows XP-pro on my own PC, I did a search for .log files and was horrified to get over 4000 hits.
    Since then I do a search and destroy for .log files as a part of my weekly maintenance routine.
    I use "Easy Cleaner 2" to accomplish this little task, by adding *.log to the Find box in 'Remove Unnecessary Files'.
    Easy Cleaner will NOT remove any log file currently being used (open) by windows.
    So far, I've seen no 'Down-Side' to doing this and it does keep my HD a lot cleaner.

    File control and maintenance does NOT happen by accident, you have to work at it, a little bit anyway.

    Usage tracks? Do you mean "MRUs"?
    Those things are like newspapers... they will build up forever till you throw them out. I do this daily with a little utility called "MRU Blaster". Been running it for years.

    I think in your case, I'd just let Spybot S&D do its thing. It does it so well.

    Cheers Mate!
    The Doctor
    A person with experience is never at the mercy of a person with an argument.
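
One way to triage a report like the one posted in this thread, as an added example (not Spybot's own code and not part of the original posts): it parses the copied text, collapses a rule that repeats across registry hives into one line, and lists the security-setting entries first. The `SECURITY_PREFIXES` heuristic and the S-1-5-21 SID in `SAMPLE` are assumptions made for this sketch.

```python
import re
from collections import OrderedDict, namedtuple

Detection = namedtuple("Detection", "product sbi_id description kind action path")

# Entry header: "Product: [SBI $XXXXXXXX] Description (Kind, action)".
# The description may contain parentheses itself, e.g. "History (315 files)",
# so only the final parenthesised group is read as (kind, action).
HEADER = re.compile(
    r"^(?P<product>.+?): \[SBI \$(?P<sbi>[0-9A-Fa-f]{8})\] "
    r"(?P<desc>.*) \((?P<kind>[^(),]+), (?P<action>[^()]+)\)$"
)

# Assumption: product-name prefixes of the security-setting entries in this thread.
SECURITY_PREFIXES = ("Microsoft.Windows.Security.", "Microsoft.WindowsSecurityCenter.")

# Well-known account hives under HKEY_USERS.
WELL_KNOWN = {
    ".DEFAULT": "LocalSystem (.DEFAULT alias)",
    "S-1-5-18": "LocalSystem",
    "S-1-5-19": "LocalService",
    "S-1-5-20": "NetworkService",
}

# Constructed sample in the report's format; the S-1-5-21 SID is made up.
SAMPLE = r"""
--- Search result list ---
Microsoft.Windows.Security.InternetExplorer: [SBI $366713D4] Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\iexplore.exe
Microsoft.Windows.Security.InternetExplorer: [SBI $A3433CBF] Settings (Registry change, nothing done)
HKEY_USERS\S-1-5-21-1111111111-2222222222-3333333333-1003\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\iexplore.exe
Microsoft.WindowsSecurityCenter.AntiVirusDisableNotify: [SBI $5509538C] Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify
Microsoft.WindowsSecurityCenter.FirewallDisableNotify: [SBI $8CFC8C85] Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify
Common Dialogs: [SBI $2D4720C9] History (315 files) (Registry key, nothing done)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU
Internet Explorer: [SBI $0BC7B918] User agent (Registry change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
Internet Explorer: [SBI $0BC7B918] User agent (Registry change, nothing done)
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
Internet Explorer: [SBI $0BC7B918] User agent (Registry change, nothing done)
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
Internet Explorer: [SBI $0BC7B918] User agent (Registry change, nothing done)
HKEY_USERS\S-1-5-21-1111111111-2222222222-3333333333-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
Internet Explorer: [SBI $0BC7B918] User agent (Registry change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
Log: [SBI $2D4720C9] Install: setupapi.log (Backup file, nothing done)
C:\WINDOWS\setupapi.log
"""


def parse_report(text):
    """Turn copied report text into Detection records (header line + path line)."""
    detections, header = [], None

    def emit(path):
        detections.append(Detection(header["product"], header["sbi"].upper(),
                                    header["desc"], header["kind"],
                                    header["action"], path))

    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("---"):
            continue
        match = HEADER.match(line)
        if match:
            if header is not None:      # previous entry had no path line
                emit("")
            header = match
        elif header is not None:
            emit(line)
            header = None
    if header is not None:
        emit("")
    return detections


def scope(path):
    """Say whose settings a path belongs to: machine, a named account, or a file."""
    parts = path.split("\\")
    if parts[0] == "HKEY_USERS" and len(parts) > 1:
        return WELL_KNOWN.get(parts[1], "user " + parts[1])
    if parts[0] == "HKEY_LOCAL_MACHINE":
        return "machine-wide"
    if parts[0] == "HKEY_CURRENT_USER":
        return "current user"
    return "file system"


def triage(text):
    """Collapse repeated rules and pull out the security-setting entries."""
    detections = parse_report(text)
    rules = OrderedDict()
    for d in detections:
        rules.setdefault((d.product, d.sbi_id, d.description), []).append(scope(d.path))
    review_first = [d for d in detections if d.product.startswith(SECURITY_PREFIXES)]
    return {"total": len(detections), "rules": rules, "review_first": review_first}


if __name__ == "__main__":
    result = triage(SAMPLE)
    print(f"{result['total']} entries, {len(result['rules'])} distinct rules")
    print("Review first (security settings):")
    for d in result["review_first"]:
        print(f"  {d.product} [{scope(d.path)}] {d.path}")
    print("Everything else, one line per rule:")
    for (product, sbi_id, desc), scopes in result["rules"].items():
        if not product.startswith(SECURITY_PREFIXES):
            print(f"  {product}: {desc} x{len(scopes)} ({', '.join(scopes)})")
```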
