i'm no computer expert but i've always use S&D way back when i bought this pc.....lately i've noticed that my log off and run buttons are missing, i cannot access windows task manager, and i think i'm not recieving windows update anymore.....:sad:

By the way, i attached this pic for anyone to tell me what they think....
I think these are the causes to my problems....but i never mess with the registry cause i don't want to mess things up...

Could you explain each item? pls??
Is it safe to let S&D fix it? would it fix my problems?? Thank you for your time...;)

http://www.flickr.com/photo_zoom.gne?id=248134604&size=o

For these detections:

Windows Security Center.AntiVirusOverride: Settings
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusOverride!=dword:0
Windows Security Center.FirewallOverride: Settings
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallOverride!=dword:0
Go into Start > Control Panel > Security Center > look at the right hand side of the window and check the settings under "Firewall" and "Virus Protection" (expanding if necessary). I believe that you have overridden the protections and that you will find a button labeled "Recommendations". If you click on the "Recommendations" button I believe that you will get a window that indicates something like:
I have a firewall that I'll monitor myself.
and
I have an antivirus program that I'll monitor myself.
Note: with these setting Windows won't monitor your firewall and virus protection status and won't send you alerts if they are off or out of date.

For these detections:

Windows Security Center.AntiVirusDisableNotify: Settings
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify!=dword:0
Windows Security Center.FirewallDisableNotify: Settings
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify!=dword:0
Windows Security Center.UdateDisableNotify: Settings
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify!=dword:0
Go into Start > Control Panel > Security Center > Resources (on the left hand side of the window – expand if necessary) > click "Change the way Security Center alerts me". This brings up an "Alert Setting" window.

There are three possible alerts:
Firewall
Alert me if my computer might be at risk because of my firewall settings
Automatic Updates
Alert me if my computer might be at risk because of my Automatic Updates settings
Virus Protection
Alert me if my computer might be at risk because of my virus protection software settings
I think that you will find that they are all turned off. With these alerts turned off you will not receive alerts from Windows.

I don’t know what if any firewall and anti-virus you are running, but if you are not running either please consider getting both or at least turn on the Windows firewall for limited protection and get an anti-virus.

The other detections are not full displayed. Please post a log of the actual detections you are getting. To do that:
Run another scan.
When the scan completes, right click on the results list, select "Copy results to clipboard".
Then paste those results to a new post in this thread.
In addition to the detections it provides the version of Spybot you are running, update level, etc.

it was, as you have told me....and i followed your instructions..i'm running S&D again i'll post about it later...

Please note: There is information for most of those detections within Spybot.

From the Spybot help facility:


For most of the problems there is more information available. On the right side of the window you will find a grey button. By clicking it a window will open and show you some information about the item selected (if there is none selected, you can simply click on it and the information will be displayed).

as per instructions...i now only recieve the following results from S&D.....
Windows Security Center.TaskManager: Settings (Registry change, nothing done)

HKEY_USERS\S-1-5-21-1757981266-1644491937-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr!=dword:0

Windows.Explorer: User settings (Registry change, nothing done)
HKEY_USERS\S-1-5-21-1757981266-1644491937-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoRun!=W=0

Windows.Explorer: User settings (Registry change, nothing done)
HKEY_USERS\S-1-5-21-1757981266-1644491937-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoClose!=W=0


--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---

2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2006-09-20 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2006-02-06 advcheck.dll (1.0.2.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2006-02-20 Tools.dll (2.0.0.2)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2006-09-15 Includes\Cookies.sbi (*)
2006-09-15 Includes\Dialer.sbi (*)
2006-09-15 Includes\Hijackers.sbi (*)
2006-09-15 Includes\Keyloggers.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2006-09-15 Includes\Malware.sbi (*)
2006-09-15 Includes\PUPS.sbi (*)
2006-09-15 Includes\Revision.sbi (*)
2006-09-15 Includes\Security.sbi (*)
2006-09-15 Includes\Spybots.sbi (*)
2005-02-17 Includes\Tracks.uti
2006-09-15 Includes\Trojans.sbi (*)

***What should i do about the this??? i think this is the cause why the run and shut down buttons are missing...and task manager disabled....thank you once again...BTW, what could've caused this...

Is your system a standalone system or is it administered by a central organization? The reason I am asking is because some of the detections that you are getting can be centrally administered.

For the following detection:


Windows Security Center.TaskManager: Settings (Registry change, nothing done)
HKEY_USERS\S-1-5-21-1757981266-1644491937-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr!=dword:0
Indicates that the policy setting for "System\DisableTaskMgr"is not a dword:00000000. A setting of dword:00000001 will disable Windows Task Manager .

Read:
Enable / Disable Task Manager in Windows XP Home / Pro
http://www.windowsnetworking.com/kbase/WindowsTips/WindowsXP/UserTips/Customization/EnableDisableTaskManagerinWindowsXPHomePro.html
The following detection:


Windows.Explorer: User settings (Registry change, nothing done)
HKEY_USERS\S-1-5-21-1757981266-1644491937-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoRun!=W=0
Indicates that the policy setting for "Explorer\NoRun" is not a dword:00000000. A setting of dword:00000001 will remove the Run menu from Start Menu.

The following detection:


Windows.Explorer: User settings (Registry change, nothing done)
HKEY_USERS\S-1-5-21-1757981266-1644491937-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoClose!=W=0
Indicates that the policy setting for "Explorer\NoClose" is not a dword:00000000. A setting of dword:00000001 will prevent access to the Shut Down command.

If your system is not centrally administered, I suggest you fix the detections. If your system is centrally administered, I suggest you ask your IT department if these policies were intentionally set by them.

yes it is a stand alone pc...its only me and my family uses it....

so if i fixed it with s&d, those problems will be solved?? what do you think caused it???

thank you very much...i really appreciate it... do i have to fix the task manager first or fix the three directly??

so if i fixed it with s&d, those problems will be solved??
Hopefully. We've solve most of them already.


what do you think caused it???
I don't have the slightest idea. Actually you should be in a better position to know that than I am. For example: did you remove any malware from the system with anti-virus or anti-spyware programs prior to posting here that may have reset these settings? Please note: This is entirely a rhetorical question because I personally do not intend to try to trace cause and effect on these settings.


... do i have to fix the task manager first or fix the three directly??


If your system is not centrally administered, I suggest you fix the detections.
Try to fix all three problems from within Spybot. If the problems return after you have run the system for a while (including rebooting), post back with the detections you are getting (listing not a screen image please).

finally it's now gone...everythings back to normal....thanks once again...maybe the cause was that i change my antivirus from norton to mcafee (my subscription expired already)....

by the way, do you know any programs like the one in Norton Systemworks wherein you can erase the files in the Norton Protected Recycle bin?? because mcafee doesn't have anything to do with the recycle bin....so for example i erased a 3 gig file....since it cannot be placed in the recycle bin....i deleted it directly...but i didn't get back the free space i should have...any ideas???

i ran S&D again this morning and i found this....

Why did this happen??? i never turned off anything....help me again if it's ok...Thanks....:sad:

Microsoft.WindowsSecurityCenter_disabled: Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc\Start!=W=2

Windows Security Center.AntiVirusDisableNotify: Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify!=dword:0

Windows Security Center.FirewallDisableNotify: Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify!=dword:0

--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---

2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2006-09-20 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2006-02-06 advcheck.dll (1.0.2.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2006-02-20 Tools.dll (2.0.0.2)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2006-09-15 Includes\Cookies.sbi (*)
2006-09-15 Includes\Dialer.sbi (*)
2006-09-15 Includes\Hijackers.sbi (*)
2006-09-15 Includes\Keyloggers.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2006-09-15 Includes\Malware.sbi (*)
2006-09-15 Includes\PUPS.sbi (*)
2006-09-15 Includes\Revision.sbi (*)
2006-09-15 Includes\Security.sbi (*)
2006-09-15 Includes\Spybots.sbi (*)
2005-02-17 Includes\Tracks.uti
2006-09-15 Includes\Trojans.sbi (*)



Also in Security Center, It looks like this...http://www.flickr.com/photo_zoom.gne?id=249593383&size=o

If you choose McAfee SecurityCenter as the default Security Center during the installation of McAfee it will turn off the Firewall and Virus Protect alerts within Windows Security Center causing the following Spybot detctions:


Windows Security Center.AntiVirusDisableNotify: Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify!=dword:0

Windows Security Center.FirewallDisableNotify: Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify!=dword:0
I personally have McAfee SecurityCenter and it is not set up to be the default Security Center. By allowing Windows Security Center to monitor both my firewall and anti-virus, I do not get the detections in Spybot and more importantly Windows Security Center notifies me immediately if either my firewall or anti-virus are disabled.

The following detection indicates that Windows Security Center has been disabled:


Microsoft.WindowsSecurityCenter_disabled: Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc\Start!=W=2
This may also be a result of having installed McAfee SecurityCenter. If you want to try to re-enable Windows Security Center do the following: Go to Start > Run > type: services.msc > OK.
In the right pane, scroll down until you see Security Center.
Right click on Security Center and choose Properties.
Change the Startup type from Disabled to Automatic.
Click Apply.
Under Services Status click on the Start button.
Close Services.