Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Support > Spybot reports Security Center issue - in XP SP1

Reply
Thread Tools

Spybot reports Security Center issue - in XP SP1

 
 
Terry Pinnell
Guest
Posts: n/a
 
      08-16-2005
Today I had a message from Spybot which I didn't understand.
---------
Windows Security Center.AntiVirusOverride: Settings (Registry change,
nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
Center\AntiVirusOverride!=dword:0
---------

What action should I take?

From a little research, I get the impression that the 'Security
Center' is a WinXP SP2 facility. I have SP1 so how can the message be
valid?

--
Terry, West Sussex, UK
 
Reply With Quote
 
 
 
 
why?
Guest
Posts: n/a
 
      08-16-2005

On Tue, 16 Aug 2005 20:20:33 +0100, Terry Pinnell wrote:

>Today I had a message from Spybot which I didn't understand.
>---------
>Windows Security Center.AntiVirusOverride: Settings (Registry change,
>nothing done)
> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
>Center\AntiVirusOverride!=dword:0
>---------
>
>What action should I take?


www.google.com more

>From a little research, I get the impression that the 'Security


How much research is the point?

>Center' is a WinXP SP2 facility. I have SP1 so how can the message be
>valid?


Are you sure it's SP1, you confirmed it by using 'winver' as you didn't
get an SP2 upgrade automatically?

You did see the S&D forum thread, and tried to follow the instructions,
maybe even check your PC for trojans , spyware carefully then told S&D
to ignore the changes?


Me
 
Reply With Quote
 
 
 
 
Terry Pinnell
Guest
Posts: n/a
 
      08-16-2005
why? <fgrirp*sgc@VAINY!Qznq.fpvragvfg.pbz> wrote:

>
>On Tue, 16 Aug 2005 20:20:33 +0100, Terry Pinnell wrote:
>
>>Today I had a message from Spybot which I didn't understand.
>>---------
>>Windows Security Center.AntiVirusOverride: Settings (Registry change,
>>nothing done)
>> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
>>Center\AntiVirusOverride!=dword:0
>>---------
>>
>>What action should I take?

>
>www.google.com more


Are you confident that will answer my specific question (about SP1)?
I'm not. I didn't see a single post about that aspect in a couple of
hours googling.

>>From a little research, I get the impression that the 'Security

>
>How much research is the point?


Answered above. Wouldn't it be more productive to attempt an answer to
the questions I've raised, rather than waste your energy on sarcasm?

>>Center' is a WinXP SP2 facility. I have SP1 so how can the message be
>>valid?

>
>Are you sure it's SP1


Yes.

>, you confirmed it by using 'winver' as you didn't
>get an SP2 upgrade automatically?


Don't understand the latter part of your question. Perhaps because the
first part was rhetorical? Anyway, I do think I'd know what version of
WinXP I have been using for the last 2-3 years! Or does asking a
question here automatically label me in your view as an ignorant fool?
But, if it makes you happy, yes, winver is one of several
confirmations. "Microsoft® Windows
Version 5.1 (Build 2600.xpsp2.040919-1003 : Service Pack 1)

>You did see the S&D forum thread, and tried to follow the instructions,
>maybe even check your PC for trojans , spyware carefully then told S&D
>to ignore the changes?


Try losing the rhetorical syntax. A little care with your grammar
would help comprehension too. Ask me a straight question and I'll
happily answer it. FWIW, I use Spybot and Adaware regularly, and
rarely see problems.

--
Terry, West Sussex, UK
 
Reply With Quote
 
why?
Guest
Posts: n/a
 
      08-16-2005

On Tue, 16 Aug 2005 21:28:31 +0100, Terry Pinnell wrote:

>why? <fgrirp*sgc@VAINY!Qznq.fpvragvfg.pbz> wrote:
>
>>
>>On Tue, 16 Aug 2005 20:20:33 +0100, Terry Pinnell wrote:
>>
>>>Today I had a message from Spybot which I didn't understand.


Many posts , forums all say it's an S & D bug, I had to use
www.google.com to find that.

If you want another option
http://groups-beta.google.com/group/...ublic.security

http://groups-beta.google.com/groups...21%3Ddword%3A0

http://groups-beta.google.com/group/alt.privacy.spyware/browse_frm/thread/88625af0f6463251/ba1ee5ab552ad7b5?lnk=st&q=AntiVirusOverride!%3Ddwo rd:0&rnum=1#ba1ee5ab552ad7b5

Jul 29, 7:12 am hide options
Newsgroups: alt.privacy.spyware
From: JC
Date: Fri, 29 Jul 2005 16:12:06 +1000
Local: Fri, Jul 29 2005 7:12 am
Subject: Re: SpyBot Definition File Update 25/07/05
Reply | Reply to Author | Forward | Print | Individual Message | Show
original | Report Abuse

<snipped lots>

I tried to access this last night and it wouldn't load - DNS issues. I
will
try it later today.

I did poke around in Security Center and found that under 'Change the
way
Security Center alerts me' I found that the Virus Protection tab was not
ticked.
I ticked it and re-ran SpyBot - no more warnings.

A bit of a more refined search

Spybot reports Security Center issue - SP1
.... nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
Center\AntiVirusOverride!=
dword:0 ----- What action ... I have SP1 so how can the message be valid
....
http://microsoft.public.windowsxp.general - Aug 17, 6:34 am by Alias - 6
messages - 6 authors

Spybot reports Security Center problem
.... nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
Center\AntiVirusOverride!=
dword:0 ----- What action ... I have SP1 so how can the message be valid
....
http://alt.privacy.spyware - Aug 17, 12:22 am by slate_leeper - 2
messages - 2 authors

Well you have asked in that group already, you had 1 reply.


>>>---------
>>>Windows Security Center.AntiVirusOverride: Settings (Registry change,
>>>nothing done)
>>> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
>>>Center\AntiVirusOverride!=dword:0
>>>---------


<snip>

>>Are you sure it's SP1

>
>Yes.


Maybe your current AV product doesn't play well with XP.

Maybe you need SP2 now.

>>, you confirmed it by using 'winver' as you didn't
>>get an SP2 upgrade automatically?

>
>Don't understand the latter part of your question. Perhaps because the
>first part was rhetorical? Anyway, I do think I'd know what version of


It wasn't maybe , XP has a bad habit, by default of doing automatic
updates.

>WinXP I have been using for the last 2-3 years! Or does asking a


XP is one thing, updates and SPs are 2 others.

Details are always worth checking, sort of like this conversation at
work.

Reported phone fault, Person A keeps getting Person C calls.
Confirm fault, speaking to A and C.
Trace all connections for A and C , contact BT.
Fix Person C, rewire.
Person A reports never having a fault.
Person B now reports phone cut off (the rewire for C).
Person A was picking up calls from C's phone.

A bit of detail correct diagnostics given, checking and confirmation
always helps in any case. It saves time and effort having to ask
questions for things you may have already done.

>>You did see the S&D forum thread, and tried to follow the instructions,
>>maybe even check your PC for trojans , spyware carefully then told S&D
>>to ignore the changes?

>
>Try losing the rhetorical syntax. A little care with your grammar


Not soon.

>would help comprehension too. Ask me a straight question and I'll


Who cares?

>happily answer it. FWIW, I use Spybot and Adaware regularly, and
>rarely see problems.


Except this one.

You didn't try the S & D Ignore option then? It's detecting a change, if
you determine what ever is changing it it may be okay.

Maybe you have a patch that expects some SP2 functions to be present?

I would backup the registry , the key and delete it.


Find out what the dword value options are for then run a registry
monitor, manually change the key and see if anything changes it.


Remove the current version of S & D , try an older 1 , if it's okay
maybe it's the often discussed S & D bug.

Me
 
Reply With Quote
 
Terry Pinnell
Guest
Posts: n/a
 
      08-16-2005
why? <fgrirp*sgc@VAINY!Qznq.fpvragvfg.pbz> wrote:

>
>On Tue, 16 Aug 2005 21:28:31 +0100, Terry Pinnell wrote:
>
>>why? <fgrirp*sgc@VAINY!Qznq.fpvragvfg.pbz> wrote:
>>
>>>
>>>On Tue, 16 Aug 2005 20:20:33 +0100, Terry Pinnell wrote:
>>>
>>>>Today I had a message from Spybot which I didn't understand.

>
>Many posts , forums all say it's an S & D bug, I had to use
>www.google.com to find that.
>
>If you want another option
>http://groups-beta.google.com/group/...ublic.security
>
>http://groups-beta.google.com/groups...21%3Ddword%3A0
>
>http://groups-beta.google.com/group/alt.privacy.spyware/browse_frm/thread/88625af0f6463251/ba1ee5ab552ad7b5?lnk=st&q=AntiVirusOverride!%3Ddwo rd:0&rnum=1#ba1ee5ab552ad7b5
>
> Jul 29, 7:12 am hide options
>Newsgroups: alt.privacy.spyware
>From: JC
>Date: Fri, 29 Jul 2005 16:12:06 +1000
>Local: Fri, Jul 29 2005 7:12 am
>Subject: Re: SpyBot Definition File Update 25/07/05
>Reply | Reply to Author | Forward | Print | Individual Message | Show
>original | Report Abuse
>
><snipped lots>
>
>I tried to access this last night and it wouldn't load - DNS issues. I
>will
>try it later today.
>
>I did poke around in Security Center and found that under 'Change the
>way
>Security Center alerts me' I found that the Virus Protection tab was not
>ticked.
>I ticked it and re-ran SpyBot - no more warnings.
>
>A bit of a more refined search
>
>Spybot reports Security Center issue - SP1
>... nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
>Center\AntiVirusOverride!=
>dword:0 ----- What action ... I have SP1 so how can the message be valid
>...
>http://microsoft.public.windowsxp.general - Aug 17, 6:34 am by Alias - 6
>messages - 6 authors
>
>Spybot reports Security Center problem
>... nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
>Center\AntiVirusOverride!=
>dword:0 ----- What action ... I have SP1 so how can the message be valid
>...
>http://alt.privacy.spyware - Aug 17, 12:22 am by slate_leeper - 2
>messages - 2 authors
>
>Well you have asked in that group already, you had 1 reply.
>
>
>>>>---------
>>>>Windows Security Center.AntiVirusOverride: Settings (Registry change,
>>>>nothing done)
>>>> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
>>>>Center\AntiVirusOverride!=dword:0
>>>>---------

>
><snip>
>
>>>Are you sure it's SP1

>>
>>Yes.

>
>Maybe your current AV product doesn't play well with XP.
>
>Maybe you need SP2 now.
>
>>>, you confirmed it by using 'winver' as you didn't
>>>get an SP2 upgrade automatically?

>>
>>Don't understand the latter part of your question. Perhaps because the
>>first part was rhetorical? Anyway, I do think I'd know what version of

>
>It wasn't maybe , XP has a bad habit, by default of doing automatic
>updates.
>
>>WinXP I have been using for the last 2-3 years! Or does asking a

>
>XP is one thing, updates and SPs are 2 others.
>
>Details are always worth checking, sort of like this conversation at
>work.
>
>Reported phone fault, Person A keeps getting Person C calls.
>Confirm fault, speaking to A and C.
>Trace all connections for A and C , contact BT.
>Fix Person C, rewire.
>Person A reports never having a fault.
>Person B now reports phone cut off (the rewire for C).
>Person A was picking up calls from C's phone.
>
>A bit of detail correct diagnostics given, checking and confirmation
>always helps in any case. It saves time and effort having to ask
>questions for things you may have already done.
>
>>>You did see the S&D forum thread, and tried to follow the instructions,
>>>maybe even check your PC for trojans , spyware carefully then told S&D
>>>to ignore the changes?

>>
>>Try losing the rhetorical syntax. A little care with your grammar

>
>Not soon.
>
>>would help comprehension too. Ask me a straight question and I'll

>
>Who cares?
>
>>happily answer it. FWIW, I use Spybot and Adaware regularly, and
>>rarely see problems.

>
>Except this one.
>
>You didn't try the S & D Ignore option then? It's detecting a change, if
>you determine what ever is changing it it may be okay.
>
>Maybe you have a patch that expects some SP2 functions to be present?
>
>I would backup the registry , the key and delete it.
>
>
>Find out what the dword value options are for then run a registry
>monitor, manually change the key and see if anything changes it.
>
>
>Remove the current version of S & D , try an older 1 , if it's okay
>maybe it's the often discussed S & D bug.
>
>Me


OK, thanks, quite a lot of useful suggestions to follow up there.

My conclusions so far are:
1. Spybot S&D is misleading in the way it reports this

2. I have some leftover from my brief flirtation with SP2 a year ago

3. I will ignore this (or 'Exclude' it) if (as I expect) it reoccurs

4. I will probably delete the entire key as you suggest. (Here's what
it looks like:
http://www.terrypin.dial.pipex.com/Images/Security1.gif
The data under all of those other Monitoring keys is identical, and
just the default entry:
Name Type Data
(Default) REG_SZ (value not set)

Thanks for your help.

--
Terry, West Sussex, UK
 
Reply With Quote
 
why?
Guest
Posts: n/a
 
      08-16-2005

On Tue, 16 Aug 2005 23:43:42 +0100, Terry Pinnell wrote:

>why? <fgrirp*sgc@VAINY!Qznq.fpvragvfg.pbz> wrote:
>
>>
>>On Tue, 16 Aug 2005 21:28:31 +0100, Terry Pinnell wrote:
>>
>>>why? <fgrirp*sgc@VAINY!Qznq.fpvragvfg.pbz> wrote:
>>>
>>>>
>>>>On Tue, 16 Aug 2005 20:20:33 +0100, Terry Pinnell wrote:
>>>>
>>>>>Today I had a message from Spybot which I didn't understand.

>>
>>Many posts , forums all say it's an S & D bug, I had to use
>>www.google.com to find that.


<snip>

>>You didn't try the S & D Ignore option then? It's detecting a change, if
>>you determine what ever is changing it it may be okay.
>>
>>Maybe you have a patch that expects some SP2 functions to be present?
>>
>>I would backup the registry , the key and delete it.
>>
>>
>>Find out what the dword value options are for then run a registry
>>monitor, manually change the key and see if anything changes it.
>>
>>
>>Remove the current version of S & D , try an older 1 , if it's okay
>>maybe it's the often discussed S & D bug.
>>
>>Me

>
>OK, thanks, quite a lot of useful suggestions to follow up there.
>
>My conclusions so far are:
>1. Spybot S&D is misleading in the way it reports this
>
>2. I have some leftover from my brief flirtation with SP2 a year ago


You had SP2 on that installation and removed it?

>3. I will ignore this (or 'Exclude' it) if (as I expect) it reoccurs
>
>4. I will probably delete the entire key as you suggest. (Here's what
>it looks like:
>http://www.terrypin.dial.pipex.com/Images/Security1.gif
>The data under all of those other Monitoring keys is identical, and
>just the default entry:
>Name Type Data
>(Default) REG_SZ (value not set)


There is a lot of AV/FW duplication there, clear out the product keys
for the products no longer installed. Maybe the reporting is a key for
something you don't have installed any more or that dword:0 was set when
uninstalled.

>Thanks for your help.


YW.

They don't let me near people at work either.

Me
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Re: Where to get stand alone Dot Net Framework version 1.1, version 2.0, version 3.0, version 3.5, version 2.0 SP1, version 3.0 SP1 ? PA Bear [MS MVP] ASP .Net 0 02-05-2008 03:28 AM
Re: Where to get stand alone Dot Net Framework version 1.1, version 2.0, version 3.0, version 3.5, version 2.0 SP1, version 3.0 SP1 ? V Green ASP .Net 0 02-05-2008 02:45 AM
Worm\Spybot (P2P-Worm.Win32.SpyBot.a) Danny Computer Information 0 08-14-2005 01:09 PM
SpyBot Finds and Removes "Windows Security Center" Registry Value ... Sens Fan Happy In Ohio Computer Support 1 08-06-2005 02:09 AM
worm/spybot.17.t (worm spybot 17t) detected by AVG code_wrong Computer Security 0 05-15-2004 04:40 PM



Advertisments