Destroy or Not to Destroy?..............

[Molecular]

Hello everyone I'm new here and this is my first post.






I just ran a scan of my computer and these entries were found for the first time since I've been using SB Search&Destroy, Adaware never detected them. I actually had SB delete them, and had them removed from the 'Recovery' list, but they came back..........what should I do about this? Thanks in advance.

[bubba]

Why does Spybot-S&D flag changes in the Windows Security Center?

Quote:

Since the Detections Update from July 25, 2005, Spybot - Search & Destroy 1.4 has been detecting Security Risks (renamed to "Windows Security Center" on July 30) associated with Microsoft Security Center Registry changes. This is neither a false positive nor a bug. It is just an information.
Spybot-S&D only wants to bring to your attention that "someone" disabled one or more notifications in the Windows Security Center, e.g. the notifications that your virus protection is not active or not up-to-date.

If you changed the settings yourself you can safely tell Spybot to exclude those detections from further scans.
-
-
-
cont.

[Molecular]

Thanks for the quick response and info Bubba, much appreciated.

I'll just put those entries on the ignore list then.

[bubba]

Quote:

Originally Posted by Molecular

Thanks for the quick response and info Bubba, much appreciated.

You are very Welcome

Quote:

I'll just put those entries on the ignore list then.

Good call

[md usa spybot fan]

Molecular:

I offer the following so that you know what you are dealing with before you ignore the detections.

For the following detection:

• Windows Security Center.SP2Update: Settings
  HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Win dows\WindowsUpdate\DoNotAllowXPSP2!=dword:0

See this thread:

• Windows Security Center.SP2Update
  http://forums.spybot.info/showthread.php?t=87

The other five detections indicate that you have almost every feature of Windows Security Center turned off.

For these detections:

• Windows Security Center.AntiVirusOverride: Settings
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusOverride!=dword:0
• Windows Security Center.FirewallOverride: Settings
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallOverride!=dword:0

I suggest that you go into Start > Control Panel > Security Center > look at the right hand side of the window and check the settings under "Firewall" and "Virus Protection" (expanding if necessary). I believe that you have overridden the protections and that you will find a button labeled "Recommendations". If you click on the "Recommendations" button I believe that you will get a window that indicates something like:

• I have a firewall that I'll monitor myself.

and

• I have an antivirus program that I'll monitor myself.

Note: with these setting Windows won't monitor your firewall and virus protection status and won't send you alerts if they are off or out of date.

For these detections:

• Windows Security Center.FirewallDisableNotify: Settings
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify!=dword:0
• Windows Security Center.AntiVirusDisableNotify: Settings
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify!=dword:0
• Windows Security Center.UdateDisableNotify: Settings HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify!=dword:0

Go into Start > Control Panel > Security Center > Resources (on the left hand side of the window – expand if necessary) > click "Change the way Security Center alerts me". This brings up an "Alert Setting" window.

There are three possible alerts:

• Firewall
  Alert me if my computer might be at risk because of my firewall settings
• Automatic Updates
  Alert me if my computer might be at risk because of my Automatic Updates settings
• Virus Protection
  Alert me if my computer might be at risk because of my virus protection software settings

I think that you will find that they are all turned off. With these alerts turned off you will not receive alerts from Windows.

I don’t know what if any firewall and anti-virus you are running, but if you are not running either please consider getting both or at least turn on the Windows firewall for limited protection and get an anti-virus.

[Molecular]

Thanks for the additional information SpyBot Fan. I am using both a firewall, 'Sygate Pro', and a virus program that is built into Vcom's 'SystemSuite Pro 6.0'.
I actually did a test of my firewall before posting here, at Sygate's site, and also at the 'Shields Up' site, I came away with a clean bill at both places. As for my virus program, I ran a full deep scan and found nothing.

I just wanted to post here to be sure that what SB found was nothing that I need worry about. Thanks again for the help gentlemen.

[xXxPsychoXChickxXx]

Quote:

Originally Posted by Molecular

Hello everyone I'm new here and this is my first post.






I just ran a scan of my computer and these entries were found for the first time since I've been using SB Search&Destroy, Adaware never detected them. I actually had SB delete them, and had them removed from the 'Recovery' list, but they came back..........what should I do about this? Thanks in advance.

I was on my computer last night, and i was looking on a website that shows some good firewalls (i was looking to see if i could get one better than mine, which is Symantec firewall blah blah) and then all of a sudden this thing popped up in the top of the website page saying that i should scan my computer because it might be infected with spyware or something)...then it just froze and i couldnt do anything for a while so i hit the button that turns the computer on and off and held it to shut down the computer and when i restarted it the screen would show all my icons and the bar at the bottom of the desktop (start menu, and all the little icons on the bar to the right by where the time is displayed) all the icons and the blue bar at the bottom kept appearing and disappearing making it so that i couldnt do shit...so i restarted my computer again and quickly ran spybot and it detected the Windows security center.antivirus override thing and its detected that before many times but its never done anything until now...so anyway i deleted all the problems that spybot detected and i restarted my computer (since that's all i could do considering all my icons and the bar was gone) and when it started back up it was normal and this red shield thing with an x on it appeared in the lower right hand corner of the bar at the bottom saying the security setting or something was in an unknown state i think and i changed it to "not monitored" which it always has been on for the past year and a half almost and then this notice came up (i dont know if its for all users but symantec has this thing pop up saying like, do u want to permit this or block it or whatever the third one was and i clicked permit it cuz i was running adaware stuff and it said the software was what it was trying to know if i wanted it permitted or not and i said permit it and i clicked this thing that says "always do this for this thing" and then all the icons and the bar at the bottom disappeared again, even after i thought i had deleted it many times it just comes back like this dude, and i had to restart my computer again, and scan with spybot again and it detected the override thing again and i "fixed" the problem and i restarted it again and it was doing the same shit again (everything was disappearing again) but i managed to be quick and open up the little red shield (i mentioned this earlier in this message) with the x and spybot...and i changed the thing back to "not monitored' cuz whatever this thing is change my settings on my firewall AGAIN...and then i opened up the internet from this link that is supposed to help me from my firewall and i used this opprtunity to get on the internet (since i cant do anything on my computer) and i typed in the exact problem HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusOverride into google and i found this website as the first link and i read this guys problem and it is somewaht like mine except mine is actually fucking up my computer...and now im here typing this message (with spybot still open looking at the recovery list that shows the problem and no bar and no icons anywhere on my desktop) im gunna restart my computer to see if anything changed (which i highly doubt will happen) please respond quickly...

[spybotsandra]

Hello,

Seems like you are infected, so please follow the procedure in this link:
"BEFORE you POST"(READ this Procedure BEFORE Requesting Assistance)

Then start your own thread in the Malware Removal Forum where a helper will advise you when available.

Best regards
Sandra
Team Spybot