Why does Spybot-S&D also remove IE toolbars that seem useful to me?

Nearly all IE toolbars make the web access easier for you.
Sadly, to tailor their information to your needs, they need to collect data about you;
and most privacy statements are unclear about how they use this data beside sending you what they think is what you want.


FAQ Category: Detections, Spybot 1.6

Why do other spyware programs appear to find spies in Sypbot-S&D’s directory?

Please have a look at the path where such a program has found the spyware. As Spybot-S&D has no spyware integrated, this must be a false alarm.

The reason for such a false alarm is simple: Spybot-S&D saves backups of the problems you have fixed; to make it possible to recover them in case something stops working after the fix.

If the file found is in the Recovery directory inside the Spybot-S&D directory, it is such a backup. It is no longer of any harm there, as the file will not be found and loaded from there. But once you are sure you do not need the backup, go to the Recovery section inside Spybot-S&D and purge that files.

Current versions compress the recovery files into password-protected zip archives, thus avoiding other spyware applications will give false alarms. Some programs might notify you that they cannot access these zip archives – this can easily be ignored. As the recovery files are named after the threat some programs might also naively detect the backups as threats just because of the file name. This can also be ignored.

In recent weeks there was a noticeably high number of cases where other anti-virus and anti-spyware programs wrongly detected parts of Spybot-S&D, which probably has to be traced back to insufficient testing at these companies.


FAQ Category: Detections, Spybot 1.6

Why can I not remove the Sti_Trace.log (or SchedLgU.txt) file?

The Sti_Trace.log file is opened on many machines; most often on Windows ME/2000/XP/Vista. The reason is that the ‘Still Image Monitor’ runs all the time, using this file. You can use msconfig to disable the Still Image Monitor, but as it is of no harm you can add  this log file to the single ignore list.

The same is valid for the SchedLgU.txt; it is the log file of the scheduler. If the scheduler is running, this file is kept open. If you are not using the scheduler, I suggest disabling it, this will not only allow you to back up this file, but also save some RAM.

(To add a problem to the single ignore list, simply right-click on it in the results list, and choose the appropriate menu item.)


FAQ Category: Detections, Spybot 1.6

Why does Spybot-S&D not detect running processes?

This is not correct and is often misunderstood as we do not display an extra list of running processes after the scan. But we do not consider that as necessary – every running process is identical to a file on the hard disk, because a process is more or less that file loaded into memory.

But when you use Spybot-S&D to fix problems, it will automatically terminate the bad processes detected before doing anything else. And if you are using our TeaTimer, TeaTimer will detect malware processes as soon as they are started and terminate them.

Our logs of course do include a full list of processes, and since version 1.4 Spybot-S&D even lists open network connections per process (except for on Vista), allowing you to easily see which processes are connecting to the outside and where to.


FAQ Category: Detections, Spybot 1.6

Why does MS AntiSpyware complain that Spybot-S&D adds bad sites to the trusted zone?

That is a mistake by Microsoft. Microsoft has since released knowledge base article 902956 that describes this known issue.


FAQ Category: Detections, Spybot 1.6

Why does Spybot-S&D flag changes in the Windows Security Center?

Spybot 2 detects registry changes associated with Microsoft Security Center;
they are listed as “Windows Security Center”. This is neither a false positive nor a bug.
It is just an information about a potential threat – Spybot 2 only wants to bring to your attention that someone or something disabled one or more notifications in the Windows Security Center, e.g. the notifications that your virus protection is not active or not up-to-date.
If you changed the settings yourself you can safely tell Spybot 2 to exclude those detections from further scans.
In order to do so you have to run the Start Center, switch to advanced mode and start Settings.
Now browse to the “Ignore Lists“ tab and switch here to „Products“. Via the “Add“ button you will get a list of products to be excluded. Just select the product you want to exclude and hit “OK“.
Settings can also be launched via SDTray (the small Spybot 2 icon beside your systems clock in the taskbar).
The same is true if you have another security solution installed (like McAfee Security Center or Norton Internet Security).
These programs disable announcements of Window Security Center in order to signal things by themselves.
The reason why the changes are flagged by Spybot 2 is that there are also malware programs that disable the notifications so the user does not take note of his security tools not being effective.
More information is available in our forum: Windows Security Center


FAQ Category: Detections, Spybot 1.6