Spybot found these

Should I delete these items, or does IE need them to run properly? They were tagged in red.

NewsUpdate: Ad settings (Registry key)
HKEY_LOCAL_MACHINE\Software\Creative Tech\Software Installed\News

NewsUpdate: Class (Registry key)
HKEY_CLASSES_ROOT\CTMARQ.CTMarqCtrl.1

NewsUpdate: Class ID( (CTMarq Property Page)) (Registry key)
HKEY_CLASSES_ROOT\CLSID\{8614A945-FF72-11D0-9BA1-00AA00464A16}

NewsUpdate: Class ID( (CTMarq Property Page)) (Registry key)
HKEY_CLASSES_ROOT\CLSID\{C1B43B82-8B3C-11D4-B615-00A0C98E9F5B}

NewsUpdate: Class ID (Registry key)
HKEY_CLASSES_ROOT\CLSID\{C1B43B81-8B3C-11D4-B615-00A0C98E9F5B}

NewsUpdate: Connection settings (File)
ctnet.ini

NewsUpdate: Interface( (_DCTMarq)) (Registry key)
HKEY_CLASSES_ROOT\Interface\{C1B43B7F-8B3C-11D4-B615-00A0C98E9F5B}

NewsUpdate: Interface( (_DCTMarqEvents)) (Registry key)
HKEY_CLASSES_ROOT\Interface\{8614A943-FF72-11D0-9BA1-00AA00464A16}

NewsUpdate: Interface( (_DCTMarqEvents)) (Registry key)
HKEY_CLASSES_ROOT\Interface\{C1B43B80-8B3C-11D4-B615-00A0C98E9F5B}

NewsUpdate: Interface( (_DCTMarq)) (Registry key)
HKEY_CLASSES_ROOT\Interface\{8614A942-FF72-11D0-9BA1-00AA00464A16}

NewsUpdate: Program directory (Directory)
C:\Program Files\Creative\News

NewsUpdate: Typelib (Registry key)
HKEY_CLASSES_ROOT\Typelib\{C1B43B7E-8B3C-11D4-B615-00A0C98E9F5B}

ShowBehind: IE Search assistent (Registry change)
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Search\SearchAssistant=about:blank

ShowBehind: IE Search bar (Registry change)
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Search Bar=about:blank

ShowBehind: IE Search page (Registry change)
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Search Page=http://www.google.com

ShowBehind: IE Search url #1 (Registry change)
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchURL=http://www.google.com

VLoading: ActiveX Installer (File)
VLoading.inf

VLoading: Class (Registry key)
HKEY_CLASSES_ROOT\VLoading.Download.1

VLoading: Class (Registry key)
HKEY_CLASSES_ROOT\VLoading.Download

VLoading: Class ID (Registry key)
HKEY_CLASSES_ROOT\CLSID\{11BF0E2B-4229-4ADC-9C11-1C6968731018}

VLoading: Code store database (Registry key)
HKEY_LOCAL_MACHINE\Software\Microsoft\Code Store Database\Distribution Units\{11BF0E2B-4229-4ADC-9C11-1C6968731018}

VLoading: DLL use (1 apps) (Registry value)
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls\C:\WINDOWS\Downloaded Program Files\VLoading.dll

VLoading: Interface (Registry key)
HKEY_CLASSES_ROOT\Interface\{0D639E64-5C31-4313-B62A-1B4D99E2F284}

VLoading: Module usage setting (Registry key)
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/VLoading.dll

VLoading: Stored file (File)
C:\WINDOWS\Downloaded Program Files\VLoading.dll

VLoading: Typelib (Registry key)
HKEY_CLASSES_ROOT\TypeLib\{67355A47-1544-4905-B698-4D7E5B62EC32}

 

I never fool with deleting anything unless SpyBot calls it a Bot and auto-checks it up above the dividor line. The rest of that stuff is harmless tracks to where you have been. Delete it if you choose, it'll do no harm.

I always keep the cookies since theyre somewhat beneficial. I don't subscribe to newsgroups as you apparently do so I don't get all those tracks. If you delete them, you'll probably not be able to tell what you have or haven't read.

You do realize that you can reverse any deletion that you may have remorse over, don't you. Just click the SpyBot-S & D button and select Recovery. You'll see the whole list of what you have previously deleted. You can also wipe that list clean if you know you don't ever want those items.

 

Shadowhawk: Spybot lists NewsUpdate and ShowBehind as spybots and VLoading as a Dialer. See following:

ShowBehind
Company: -
Product: ShowBehind
Threat: Adware

Description
Silently installed adware that runs constantly. Uninstaller from developer not working.
***************************************

NewsUpdate
Company: Creative Labs
Product: News Update Engine Application
Threat: Background installed Adware/possibly Spyware

Company URL: http://www.creativelabs.com/
Company privacy URL: http://www.creative.com/privacy.asp?fr=

Functionality
Periodically retrieving news.

Description
Data is saved with the file extension .sys - do they have something to hide? I couldn't find anything about it in the License Agreement. There is no License Agreement or Privacy Policy shown before the installation, so the only available Privacy Policy is the general online Privacy Policy, which won't say a word about the News Update Engine.

Privacy Statement
From the License Agreement: Creative does not warrant that the functions contained in the Software will meet your requirements or that the operation of the Software will be uninterrupted, error-free or free from malicious code.
**************************************

VLoading
Company: EBS AG
Product: VLoading
Threat: Security threat

Company URL: http://www.ebs-ag.com/
Company privacy URL: http://www.ebs-ag.de/index.php?page=front_page&pid=pls:linked-sub&pnr=68&temptype=cont

Functionality
Allows automatic download and running of software from the internet.

Description
Also know as DownloadClass. The privacy URL was hidden and could only be found using the search function.

 

I deleted them. I wonder why Adaware never found them. I'd definitely take Spybot over Adaware if it just came with a TSR.

 

Shadowhawk

These were not ad/spyware but usage tracks. Adaware was never designed to get them.

I still run Adaware after SpyBot and it still ocassionaly finds something spybot does not.

Mike

 

BTW ShadowHawk

In SpyBot config there are several options to scan on program start when windows starts etc.

Also I have not heard anyone comment on the inmunization feature this adds protection from 119 known BHO's.

Mike

 

What's the immunization feature? Where do I look in the program for that?

 

1st SpyBot screen lefthand col in gray should be 3 icons Spybot s&d, Recovery then Immunization?

Or you are not up to date.

Mike

 

There's no Immunization icon in the left pane.

 

Ok then you must have an older engine!

I am using 1.1 release 5 Beta 2

To get it go to site and do the full update!

mike

 

I downloaded from Spybot's website. It doesn't make sense that they don't have the latest version for download. I just checked and it said I have 1.1 release 4. If I get the new one, do I need to uninstall the current, or can I go over it?

Edit: I went back to the site and then did a Google search. The highest I can find is rel 4, which I have. Where can I find rel 5?

 

Hello Shadowhawk,

You can ask Patrick Kolla himself at http://www.net-integration.net/cgi-bin/forums/ikonboard.cgi

Scroll down to PepiMike Software. Under the "beta" thread, you will see references to "beta v 5 ".

Regards - Charles