Ice Sword, Gmer, (and finally, Spybot)...

Discussion in 'other anti-malware software' started by SG1, Aug 20, 2006.

Thread Status:
Not open for further replies.
  1. SG1

    SG1 Registered Member

    Joined:
    Jan 16, 2003
    Posts:
    430
    a) Any good tutorials about, for these two programs? As they are supposed to be the current top dogs, I'd like to learn about them.

    b) Spybot found that localmachine lockdown had apparently been altered and set it back to correct status, re MS site info (for SP2). My brother uses IE for surfing, I don't, but he is not a porno/music/swapping or downloading sort and so I wondered, what/how was the possible cause of lockdown change - assuming this wasn't another Spybot FP?
     
  2. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    Going only by the info supplied....would my assumption be right if I said Spybot reported the Windows.Security.InternetExlorer product and the below registry entry ?

    If that is the case that Security.sbi(Windows.Security.InternetExlorer) file set entry was added to Spybot's 2006-8-11 updates due to the fact certain downloaded toolbars of late are being found to alter that setting which can affect a users "My Computer Zone" settings.

    However....that same entry will be flagged if a user has altered an IE recommended default setting under Tools\Internet Options\Advanced tab....Security section....Allow active content to run in files on My Computer. If that entry has a check mark next to it....the FEATURE_LOCALMACHINE_LOCKDOWN\iexplore.exe registry dword entry mentioned above will be changed from a recommended setting of 1(unchecked) to a 0(zero) signifying checked and it is that setting that causes Spybot to flag that entry.

    While that informational find can not be classified as a False Positive....it will cause a level of concern for some users in regards to thinking they have a malware type problem.

    Bubba
     
    Last edited: Aug 20, 2006
  3. Alphalutra1

    Alphalutra1 Registered Member

    Joined:
    Dec 17, 2005
    Posts:
    1,160
    Location:
    127.0.0.0/255.0.0.0
Thread Status:
Not open for further replies.