Deleting doubtful files after scan

S

samvarma

New member
scan result gives some files which i feel are legitimate files and should not be deleted. Pl advise. The scan result is pasted below:-

TagASaurus: Tracking cookie (Internet Explorer: sam) (Cookie, nothing done)


ABetterInternet: Autorun settings (EPSON Stylus CX2800 Series) (Registry value, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\EPSON Stylus CX2800 Series

Download Accelerator Plus ads: Default ad category (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\SpeedBit\Download Accelerator\ADSDefaultCategory=Default

Download Accelerator Plus ads: Ad category (Registry key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\SpeedBit\Download Accelerator\ADSUpdates

Download Accelerator Plus ads: Ad category (Registry key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\SpeedBit\Download Accelerator\ADSProxy

Download Accelerator Plus ads: Ad category (Registry key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\SpeedBit\Download Accelerator\ADSNoTrigger

Download Accelerator Plus ads: Ad category (Registry key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\SpeedBit\Download Accelerator\ADSImprov_DB

Download Accelerator Plus ads: Ad category (Registry key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\SpeedBit\Download Accelerator\ADSDBS

Download Accelerator Plus ads: Ad category (Registry key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\SpeedBit\Download Accelerator\ADSADS

Microsoft.Windows.Explorer: User settings (Registry change, nothing done)
HKEY_USERS\S-1-5-21-1207123012-1786554448-3762689895-1007\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOptions!=W=0

Microsoft.Windows.Explorer: User settings (Registry change, nothing done)
HKEY_USERS\S-1-5-21-1207123012-1786554448-3762689895-1007\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoControlPanel!=W=0

Microsoft.WindowsSecurityCenter.AntiVirusDisableNotify: Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify!=dword:0

Microsoft.WindowsSecurityCenter.FirewallDisableNotify: Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify!=dword:0

Microsoft.WindowsSecurityCenter.FirewallOverride: Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallOverride!=dword:0

Microsoft.WindowsSecurityCenter.UpdateDisableNotify: Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify!=dword:0


--- Spybot - Search && Destroy version: 1.3 ---
2007-10-17 Includes\Cookies.sbi
2007-07-25 Includes\Dialer.sbi
2007-10-17 Includes\DialerC.sbi
2007-08-29 Includes\Hijackers.sbi
2007-10-17 Includes\HijackersC.sbi
2007-10-04 Includes\Keyloggers.sbi
2007-10-17 Includes\KeyloggersC.sbi
2004-05-12 Includes\LSP.sbi
2007-10-04 Includes\Malware.sbi
2007-10-17 Includes\MalwareC.sbi
2007-09-05 Includes\PUPS.sbi
2007-10-17 Includes\PUPSC.sbi
2007-10-17 Includes\Revision.sbi
2007-05-30 Includes\Security.sbi
2007-10-17 Includes\SecurityC.sbi
2007-10-10 Includes\Spybots.sbi
2007-10-17 Includes\SpybotsC.sbi
2007-08-21 Includes\Tracks.uti
2007-10-17 Includes\Trojans.sbi
2007-10-17 Includes\TrojansC.sbi
2007-06-06 Plugins\TCPIPAddress.dll
 
Software updated but still shows doubtful files

Dear Tashi, Thanks for the prompt reply. I have updated the software to ver 1.5 but it still shows files related to the OS. Should I select them and fix the problems or there is some infection still present.Kindly advise.Thanks in advance.


Microsoft.Windows.Explorer: [SBI $E3838056] User settings (Registry change, nothing done)
HKEY_USERS\S-1-5-21-1207123012-1786554448-3762689895-1007\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoControlPanel

Microsoft.Windows.Explorer: [SBI $DA080EA7] User settings (Registry change, nothing done)
HKEY_USERS\S-1-5-21-1207123012-1786554448-3762689895-1007\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOptions

Microsoft.WindowsSecurityCenter.AntiVirusDisableNotify: [SBI $5509538C] Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify

Microsoft.WindowsSecurityCenter.FirewallDisableNotify: [SBI $8CFC8C85] Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify

Microsoft.WindowsSecurityCenter.FirewallOverride: [SBI $0C94D702] Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallOverride

Microsoft.WindowsSecurityCenter.UpdateDisableNotify: [SBI $2FAA945D] Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify


--- Spybot - Search & Destroy version: 1.5 (build: 20070830) ---

2007-08-31 blindman.exe (1.0.0.6)
2007-08-31 SDMain.exe (1.0.0.4)
2007-08-31 SDUpdate.exe (1.0.6.4)
2007-08-31 SDWinSec.exe (1.0.0.8)
2007-08-31 SpybotSD.exe (1.5.1.15)
2007-08-31 TeaTimer.exe (1.5.0.9)
2007-10-24 unins000.exe (51.46.0.0)
2007-08-31 Update.exe (1.4.0.5)
2007-08-31 advcheck.dll (1.5.3.0)
2007-04-02 aports.dll (2.1.0.0)
2007-04-02 DelZip179.dll (1.79.5.3)
2007-08-31 SDHelper.dll (1.5.0.8)
2007-08-31 Tools.dll (2.1.2.0)
2007-10-24 Includes\Cookies.sbi (*)
2007-07-25 Includes\Dialer.sbi (*)
2007-10-24 Includes\DialerC.sbi (*)
2007-08-29 Includes\Hijackers.sbi (*)
2007-10-24 Includes\HijackersC.sbi (*)
2007-10-04 Includes\Keyloggers.sbi (*)
2007-10-24 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2007-10-24 Includes\Malware.sbi (*)
2007-10-24 Includes\MalwareC.sbi (*)
2007-10-24 Includes\PUPS.sbi (*)
2007-10-24 Includes\PUPSC.sbi (*)
2007-10-24 Includes\Revision.sbi (*)
2007-05-30 Includes\Security.sbi (*)
2007-10-24 Includes\SecurityC.sbi (*)
2007-10-24 Includes\Spybots.sbi (*)
2007-10-24 Includes\SpybotsC.sbi (*)
2007-08-21 Includes\Tracks.uti
2007-10-24 Includes\Trojans.sbi (*)
2007-10-24 Includes\TrojansC.sbi (*)
2008-12-24 Plugins\TCPIPAddress.dll
 
Hello,

Spybot - Search & Destroy is detecting Windows Security Center associated with Microsoft Security Center Registry changes. This is neither a false positive nor a bug. It is just an information.
Spybot-S&D only wants to bring to your attention that "someone" disabled one or more notifications in the Windows Security Center, e.g. the notifications that your virus protection is not active or not up-to-date. If you changed the settings yourself you can safely tell Spybot-S&D to exclude those detections from further scans.
In order to do so please right-click each in turn, then click "exclude this detection from future scans". That way, should any other part of security center settings change, Spybot-S&D will still detect those.
The same is true if you have another security solution installed (like McAfee Security Center or Norton Internet Security). These programs do also disable the Windows Security Center in order to take care of things themselves.
The reason why the changes are flagged by Spybot-S&D is that there are also malware programs that disable the notifications so the user doesn't take note of his security tools not being effective.

Some more information is also available in our forum:
http://forums.spybot.info/showthread.php?t=87

Best regards
Sandra
Team Spybot
 
You must log in or register to reply here.
Back
Top