T
Thedogateit
I have the same problem as Gilbert
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
A
AndyManchesta
I wish I could help you on this and Gilbert but I do not
know whats caused it, heres my registry details from that
area but Im not sure if this is default or if its changed
with me having Symantecs protection installed.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000000
"AntiVirusOverride"=dword:00000000
"FirewallOverride"=dword:00000000
You could open the registry and export yours to check
them
Goto start then type regedit and press enter. Then Start
with HKEY_LOCAL_MACHINE then click the plus + beside it
then goto SOFTWARE and click the plus + then Microsoft
and the plus + then to Security Center but on that left
click Security Centre and not the plus +
Then you will see the values on the right pane,You can
then right click Security Centre and choose Export save
it to your desktop or somewhere you can find it easily
Find the file you just saved and right click it and
choose rename. Take off the REG part at the end and
replace it with txt and then choose yes on the pop up,
you can they post it on here
----------------------------------------------------------
This is strange Ive just updated Spybot and run a scan
and I've now got the same two security risks listed but
as you can see from my reg information above these are
not set to dword:0 so Im going to ignore them as it maybe
a bug in Spybot I had problems updating Spybot at first
the first two download sites I used said Bad Checksum but
I got them on the third attempt and now its showing the
same fault.
I assume its similar to the DSO exploit they used to show
where it wasnt a problem if pcs had the latest updates
from Microsoft and it was just a bug in Spybot that kept
showing them.
Still abit strange but Im going to ignore them as fixing
it could cause more problems as its showing info that
isnt in my registry ??
Hope that helps
Andy
know whats caused it, heres my registry details from that
area but Im not sure if this is default or if its changed
with me having Symantecs protection installed.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000000
"AntiVirusOverride"=dword:00000000
"FirewallOverride"=dword:00000000
You could open the registry and export yours to check
them
Goto start then type regedit and press enter. Then Start
with HKEY_LOCAL_MACHINE then click the plus + beside it
then goto SOFTWARE and click the plus + then Microsoft
and the plus + then to Security Center but on that left
click Security Centre and not the plus +
Then you will see the values on the right pane,You can
then right click Security Centre and choose Export save
it to your desktop or somewhere you can find it easily
Find the file you just saved and right click it and
choose rename. Take off the REG part at the end and
replace it with txt and then choose yes on the pop up,
you can they post it on here
----------------------------------------------------------
This is strange Ive just updated Spybot and run a scan
and I've now got the same two security risks listed but
as you can see from my reg information above these are
not set to dword:0 so Im going to ignore them as it maybe
a bug in Spybot I had problems updating Spybot at first
the first two download sites I used said Bad Checksum but
I got them on the third attempt and now its showing the
same fault.
I assume its similar to the DSO exploit they used to show
where it wasnt a problem if pcs had the latest updates
from Microsoft and it was just a bug in Spybot that kept
showing them.
Still abit strange but Im going to ignore them as fixing
it could cause more problems as its showing info that
isnt in my registry ??
Hope that helps
Andy
R
Robin Walker [MVP]
AndyManchesta said:This is strange Ive just updated Spybot and run a scan
and I've now got the same two security risks listed but
as you can see from my reg information above these are
not set to dword:0
Yes, if you look closely at the SpyBot report, it is complaining that they
are NOT zero (!=0), not that they ARE zero (=0). As you posted, your
entries are non-zero because of the Symantec anti-virus. So you are
observing the same effect as the others who recently posted on the new
SpyBot alert.
It looks as if this SpyBot check is going to come up with everyone using
McAfee or Symantec suites.
A
AndyManchesta
Thanks Robin
I missed the ! symbol, I knew there would be a helpfull
MVP out there who would know more about dword entries,
Thanks for pointing that out I know how to reply on other
forums now if that comes up again
Regards Andy
I missed the ! symbol, I knew there would be a helpfull
MVP out there who would know more about dword entries,
Thanks for pointing that out I know how to reply on other
forums now if that comes up again
Regards Andy
Q
Q
Dont worry about this, This is just a added protection to
see if your antivirus and firewall is running. It is for
the Microsoft Security Center. It was changed by your anti
virus to keep you from getting dual notices that your 3rd
party antivirus and firewall was off. (One warning from
your antivirus and one from Security Center.) It could be
helpful as second line of defense in case a virus would
try to turn off your antivirus. It would pop up a Security
Center warning that your antivirus is turned off.
see if your antivirus and firewall is running. It is for
the Microsoft Security Center. It was changed by your anti
virus to keep you from getting dual notices that your 3rd
party antivirus and firewall was off. (One warning from
your antivirus and one from Security Center.) It could be
helpful as second line of defense in case a virus would
try to turn off your antivirus. It would pop up a Security
Center warning that your antivirus is turned off.
J
JRosenfeld
For extensive discussion see
http://forums.net-integration.net/index.php?showtopic=32260
and a couple of other threads in that forum.
http://forums.net-integration.net/index.php?showtopic=32260
and a couple of other threads in that forum.
G
Gilbert Shaver
Friday, July 29, 2005
Thanks everyone for your observations and help RE:
SpyBot's "detecting" two "Security Risks."
Here's my own update:
1.
I had SpyBot "fix" the Registry entries which are safely
stored in SpyBot's "Recovery" option.
2.
I uninstalled Microsoft AntiSpyware (Beta) and installed
the latest version of Webroot's "SpySweeper."
3.
Today, I ran SpyBot again and SURE ENOUGH it identified
the same two Registry entries that I had quarantened.
4.
I ran Webroot SpySweeper and it did not find anything.
5.
Perhaps that suggests as you say that SpyBot has another
false alarm issue here.
6.
I took Andy's suggestion and here's a copy of the
pertinent data from my Registy. I currently use Norton
Internet Security 2005:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000000
"AntiVirusOverride"=dword:00000000
"FirewallOverride"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
Center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
Center\Monitoring\ZoneLabsFirewall]
==========================================================
==========================================
I don't understand this technical stuff but I'm assuming
things are OK and safe . . . or . . . ??
==========================================================
==========================================
SpyBot today finds the same "problems":
Security Risks: Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
Center\FirewallDisableNotify!=dword:0
Security Risks: Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
Center\AntiVirusDisableNotify!=dword:0
--- Spybot - Search & Destroy version: 1.4 (build:
20050523) ---
2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2005-06-18 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2005-05-31 advcheck.dll (1.0.2.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2005-05-31 Tools.dll (2.0.0.2)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2005-04-26 Includes\Cookies.sbi (*)
2005-07-22 Includes\Dialer.sbi (*)
2005-07-22 Includes\Hijackers.sbi (*)
2005-06-23 Includes\Keyloggers.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2005-07-22 Includes\Malware.sbi (*)
2004-08-11 Includes\plugin-ignore.ini
2005-07-22 Includes\PUPS.sbi (*)
2005-04-27 Includes\Revision.sbi (*)
2005-07-22 Includes\Security.sbi (*)
2005-07-19 Includes\Spybots.sbi (*)
2005-02-17 Includes\Tracks.uti
2005-07-22 Includes\Trojans.sbi (*)
==========================================================
==========================================
Subject: Do I have two real "security threats"?
From: "Gilbert Shaver"
<[email protected]> Sent: 7/27/2005
6:25:07 PM
Wednesday, July 27, 2005
I have a question. First, here's the background to the
question:
I have Microsoft AntiSpyware (Beta) running actively on
my computer, so it's always checking my system. I always
keep current with all the updates.
I also have SpyBot S&D (current version) which I do not
run actively on my computer but I do keep current with
SpyBot's updates.
I run each program to scan my computer at least twice a
week.
Here is my question:
Today, I ran SpyBot S&D and it "detected" two "security
risks" which I have copied here below. A few minutes
later, I ran Microsoft AntiSpyware to scan my computer.
Microsoft AntiSpyware did not detect any threats on my
computer.
This now leads me to my big question: Can anyone tell me
whether the two "changes" made to my registry (see below)
are part of Microsoft's AntiSpyware program and updates?
Or, has SpyBot actually detected two threats that I
should have SpyBot quarantine? I obviously don't want any
real threats lurking on my computer. At the same time, I
don't want to quarantine or remove false-positive
registry items, especially if these rightly belong to the
Microsoft AntiSpyware (Beta) program and have been
installed in the latest update.
Can anyone advise me? What do you think I should do? I
will appreciate knowledgeable feedback.
Thanks,
GS
(e-mail address removed)
Security Risks: Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
Center\FirewallDisableNotify!=dword:0
Security Risks: Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
Center\AntiVirusDisableNotify!=dword:0
--- Spybot - Search & Destroy version: 1.4 (build:
20050523) ---
2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2005-06-18 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2005-05-31 advcheck.dll (1.0.2.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2005-05-31 Tools.dll (2.0.0.2)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2005-04-26 Includes\Cookies.sbi (*)
2005-07-22 Includes\Dialer.sbi (*)
2005-07-22 Includes\Hijackers.sbi (*)
2005-06-23 Includes\Keyloggers.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2005-07-22 Includes\Malware.sbi (*)
2004-08-11 Includes\plugin-ignore.ini
2005-07-22 Includes\PUPS.sbi (*)
2005-04-27 Includes\Revision.sbi (*)
2005-07-22 Includes\Security.sbi (*)
2005-07-19 Includes\Spybots.sbi (*)
2005-02-17 Includes\Tracks.uti
2005-07-22 Includes\Trojans.sbi (*)
..
==========================================================
==========================================
Subject: Spybot
From: "Thedogateit"
<[email protected]> Sent: 7/27/2005
10:04:48 PM
I have the same problem as Gilbert
..
==========================================================
==========================================
Subject: Spybot
From: "AndyManchesta" <[email protected]>
Sent: 7/27/2005 10:45:06 PM
I wish I could help you on this and Gilbert but I do not
know whats caused it, heres my registry details from that
area but Im not sure if this is default or if its changed
with me having Symantecs protection installed.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000000
"AntiVirusOverride"=dword:00000000
"FirewallOverride"=dword:00000000
You could open the registry and export yours to check
them
Goto start then type regedit and press enter. Then Start
with HKEY_LOCAL_MACHINE then click the plus + beside it
then goto SOFTWARE and click the plus + then Microsoft
and the plus + then to Security Center but on that left
click Security Centre and not the plus +
Then you will see the values on the right pane,You can
then right click Security Centre and choose Export save
it to your desktop or somewhere you can find it easily
Find the file you just saved and right click it and
choose rename. Take off the REG part at the end and
replace it with txt and then choose yes on the pop up,
you can they post it on here
----------------------------------------------------------
This is strange Ive just updated Spybot and run a scan
and I've now got the same two security risks listed but
as you can see from my reg information above these are
not set to dword:0 so Im going to ignore them as it maybe
a bug in Spybot I had problems updating Spybot at first
the first two download sites I used said Bad Checksum but
I got them on the third attempt and now its showing the
same fault.
I assume its similar to the DSO exploit they used to show
where it wasnt a problem if pcs had the latest updates
from Microsoft and it was just a bug in Spybot that kept
showing them.
Still abit strange but Im going to ignore them as fixing
it could cause more problems as its showing info that
isnt in my registry ??
Hope that helps
Andy
..
==========================================================
==========================================
Subject: Re: Spybot
From: "Robin Walker [MVP]" <[email protected]> Sent:
7/28/2005 4:56:28 AM
Yes, if you look closely at the SpyBot report, it is
complaining that they
are NOT zero (!=0), not that they ARE zero (=0). As you
posted, your
entries are non-zero because of the Symantec anti-virus.
So you are
observing the same effect as the others who recently
posted on the new
SpyBot alert.
It looks as if this SpyBot check is going to come up with
everyone using
McAfee or Symantec suites.
--
Robin Walker [MVP Networking]
(e-mail address removed)
..
==========================================================
==========================================
Subject: Spybot
From: "Q" <[email protected]> Sent:
7/28/2005 10:47:27 AM
Dont worry about this, This is just a added protection to
see if your antivirus and firewall is running. It is for
the Microsoft Security Center. It was changed by your
anti
virus to keep you from getting dual notices that your 3rd
party antivirus and firewall was off. (One warning from
your antivirus and one from Security Center.) It could be
helpful as second line of defense in case a virus would
try to turn off your antivirus. It would pop up a
Security
Center warning that your antivirus is turned off.
..
==========================================================
==========================================
Gilbert says: Thanks again & I'm sorry to post such a
long (and repetitive) entry on this forum.
Thanks everyone for your observations and help RE:
SpyBot's "detecting" two "Security Risks."
Here's my own update:
1.
I had SpyBot "fix" the Registry entries which are safely
stored in SpyBot's "Recovery" option.
2.
I uninstalled Microsoft AntiSpyware (Beta) and installed
the latest version of Webroot's "SpySweeper."
3.
Today, I ran SpyBot again and SURE ENOUGH it identified
the same two Registry entries that I had quarantened.
4.
I ran Webroot SpySweeper and it did not find anything.
5.
Perhaps that suggests as you say that SpyBot has another
false alarm issue here.
6.
I took Andy's suggestion and here's a copy of the
pertinent data from my Registy. I currently use Norton
Internet Security 2005:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000000
"AntiVirusOverride"=dword:00000000
"FirewallOverride"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
Center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
Center\Monitoring\ZoneLabsFirewall]
==========================================================
==========================================
I don't understand this technical stuff but I'm assuming
things are OK and safe . . . or . . . ??
==========================================================
==========================================
SpyBot today finds the same "problems":
Security Risks: Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
Center\FirewallDisableNotify!=dword:0
Security Risks: Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
Center\AntiVirusDisableNotify!=dword:0
--- Spybot - Search & Destroy version: 1.4 (build:
20050523) ---
2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2005-06-18 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2005-05-31 advcheck.dll (1.0.2.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2005-05-31 Tools.dll (2.0.0.2)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2005-04-26 Includes\Cookies.sbi (*)
2005-07-22 Includes\Dialer.sbi (*)
2005-07-22 Includes\Hijackers.sbi (*)
2005-06-23 Includes\Keyloggers.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2005-07-22 Includes\Malware.sbi (*)
2004-08-11 Includes\plugin-ignore.ini
2005-07-22 Includes\PUPS.sbi (*)
2005-04-27 Includes\Revision.sbi (*)
2005-07-22 Includes\Security.sbi (*)
2005-07-19 Includes\Spybots.sbi (*)
2005-02-17 Includes\Tracks.uti
2005-07-22 Includes\Trojans.sbi (*)
==========================================================
==========================================
Subject: Do I have two real "security threats"?
From: "Gilbert Shaver"
<[email protected]> Sent: 7/27/2005
6:25:07 PM
Wednesday, July 27, 2005
I have a question. First, here's the background to the
question:
I have Microsoft AntiSpyware (Beta) running actively on
my computer, so it's always checking my system. I always
keep current with all the updates.
I also have SpyBot S&D (current version) which I do not
run actively on my computer but I do keep current with
SpyBot's updates.
I run each program to scan my computer at least twice a
week.
Here is my question:
Today, I ran SpyBot S&D and it "detected" two "security
risks" which I have copied here below. A few minutes
later, I ran Microsoft AntiSpyware to scan my computer.
Microsoft AntiSpyware did not detect any threats on my
computer.
This now leads me to my big question: Can anyone tell me
whether the two "changes" made to my registry (see below)
are part of Microsoft's AntiSpyware program and updates?
Or, has SpyBot actually detected two threats that I
should have SpyBot quarantine? I obviously don't want any
real threats lurking on my computer. At the same time, I
don't want to quarantine or remove false-positive
registry items, especially if these rightly belong to the
Microsoft AntiSpyware (Beta) program and have been
installed in the latest update.
Can anyone advise me? What do you think I should do? I
will appreciate knowledgeable feedback.
Thanks,
GS
(e-mail address removed)
Security Risks: Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
Center\FirewallDisableNotify!=dword:0
Security Risks: Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
Center\AntiVirusDisableNotify!=dword:0
--- Spybot - Search & Destroy version: 1.4 (build:
20050523) ---
2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2005-06-18 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2005-05-31 advcheck.dll (1.0.2.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2005-05-31 Tools.dll (2.0.0.2)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2005-04-26 Includes\Cookies.sbi (*)
2005-07-22 Includes\Dialer.sbi (*)
2005-07-22 Includes\Hijackers.sbi (*)
2005-06-23 Includes\Keyloggers.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2005-07-22 Includes\Malware.sbi (*)
2004-08-11 Includes\plugin-ignore.ini
2005-07-22 Includes\PUPS.sbi (*)
2005-04-27 Includes\Revision.sbi (*)
2005-07-22 Includes\Security.sbi (*)
2005-07-19 Includes\Spybots.sbi (*)
2005-02-17 Includes\Tracks.uti
2005-07-22 Includes\Trojans.sbi (*)
..
==========================================================
==========================================
Subject: Spybot
From: "Thedogateit"
<[email protected]> Sent: 7/27/2005
10:04:48 PM
I have the same problem as Gilbert
..
==========================================================
==========================================
Subject: Spybot
From: "AndyManchesta" <[email protected]>
Sent: 7/27/2005 10:45:06 PM
I wish I could help you on this and Gilbert but I do not
know whats caused it, heres my registry details from that
area but Im not sure if this is default or if its changed
with me having Symantecs protection installed.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000000
"AntiVirusOverride"=dword:00000000
"FirewallOverride"=dword:00000000
You could open the registry and export yours to check
them
Goto start then type regedit and press enter. Then Start
with HKEY_LOCAL_MACHINE then click the plus + beside it
then goto SOFTWARE and click the plus + then Microsoft
and the plus + then to Security Center but on that left
click Security Centre and not the plus +
Then you will see the values on the right pane,You can
then right click Security Centre and choose Export save
it to your desktop or somewhere you can find it easily
Find the file you just saved and right click it and
choose rename. Take off the REG part at the end and
replace it with txt and then choose yes on the pop up,
you can they post it on here
----------------------------------------------------------
This is strange Ive just updated Spybot and run a scan
and I've now got the same two security risks listed but
as you can see from my reg information above these are
not set to dword:0 so Im going to ignore them as it maybe
a bug in Spybot I had problems updating Spybot at first
the first two download sites I used said Bad Checksum but
I got them on the third attempt and now its showing the
same fault.
I assume its similar to the DSO exploit they used to show
where it wasnt a problem if pcs had the latest updates
from Microsoft and it was just a bug in Spybot that kept
showing them.
Still abit strange but Im going to ignore them as fixing
it could cause more problems as its showing info that
isnt in my registry ??
Hope that helps
Andy
..
==========================================================
==========================================
Subject: Re: Spybot
From: "Robin Walker [MVP]" <[email protected]> Sent:
7/28/2005 4:56:28 AM
AndyManchesta said:This is strange Ive just updated Spybot and run a scan
and I've now got the same two security risks listed but
as you can see from my reg information above these are
not set to dword:0
Yes, if you look closely at the SpyBot report, it is
complaining that they
are NOT zero (!=0), not that they ARE zero (=0). As you
posted, your
entries are non-zero because of the Symantec anti-virus.
So you are
observing the same effect as the others who recently
posted on the new
SpyBot alert.
It looks as if this SpyBot check is going to come up with
everyone using
McAfee or Symantec suites.
--
Robin Walker [MVP Networking]
(e-mail address removed)
..
==========================================================
==========================================
Subject: Spybot
From: "Q" <[email protected]> Sent:
7/28/2005 10:47:27 AM
Dont worry about this, This is just a added protection to
see if your antivirus and firewall is running. It is for
the Microsoft Security Center. It was changed by your
anti
virus to keep you from getting dual notices that your 3rd
party antivirus and firewall was off. (One warning from
your antivirus and one from Security Center.) It could be
helpful as second line of defense in case a virus would
try to turn off your antivirus. It would pop up a
Security
Center warning that your antivirus is turned off.
..
==========================================================
==========================================
Gilbert says: Thanks again & I'm sorry to post such a
long (and repetitive) entry on this forum.
-----Original Message-----
I wish I could help you on this and Gilbert but I do not
know whats caused it, heres my registry details from that
area but Im not sure if this is default or if its changed
with me having Symantecs protection installed.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000000
"AntiVirusOverride"=dword:00000000
"FirewallOverride"=dword:00000000
You could open the registry and export yours to check
them
Goto start then type regedit and press enter. Then Start
with HKEY_LOCAL_MACHINE then click the plus + beside it
then goto SOFTWARE and click the plus + then Microsoft
and the plus + then to Security Center but on that left
click Security Centre and not the plus +
Then you will see the values on the right pane,You can
then right click Security Centre and choose Export save
it to your desktop or somewhere you can find it easily
Find the file you just saved and right click it and
choose rename. Take off the REG part at the end and
replace it with txt and then choose yes on the pop up,
you can they post it on here
--------------------------------------------------------- -
This is strange Ive just updated Spybot and run a scan
and I've now got the same two security risks listed but
as you can see from my reg information above these are
not set to dword:0 so Im going to ignore them as it maybe
a bug in Spybot I had problems updating Spybot at first
the first two download sites I used said Bad Checksum but
I got them on the third attempt and now its showing the
same fault.
I assume its similar to the DSO exploit they used to show
where it wasnt a problem if pcs had the latest updates
from Microsoft and it was just a bug in Spybot that kept
showing them.
Still abit strange but Im going to ignore them as fixing
it could cause more problems as its showing info that
isnt in my registry ??
Hope that helps
Andy
.