SpyBot SD report


ErnieK
08-06-2005, 06:47 AM
When Spybot SD is run it comes up with 2 criticals

1. Windows Security Centre, Antivirus Override.
I have AVG installed (and up to date) but the SC does not recognise it so I have it set to SELF MONITORING. When this is deselected SC reports no AV software found.

2. Windows Security Centre, Firewall Override
I have Sygate personal installed. Again I have this set to self monitoring as windows does not recognise it.

Am I in trouble here? Or is this just a bug in SpybotSD?

All scans (AD-Aware - A2 - MS AntiSpyware - HJT) show clean system.

jlreich
08-06-2005, 09:11 AM
I get those as well since I have the security center completely disabled through administrative services. It's not a bug, just Spybot warning you that the security center is not reporting the all is OK signal. In your case since windows doesn't recognize AVG or Sygate you get the red flag. I added them to the ignore list. You're fine. :)

ErnieK
08-06-2005, 02:54 PM
Thanks JL. Peace of mind once more! (for a short while :) )

WayneG
09-03-2005, 11:36 PM
Windows Security Firewall.Override is not a spyware entry but a usage track,
if you do not want to be notified - switch to Advanced Mode / File Sets
and uncheck Usage Tracking under Set/Filename column.
that will stop informing you that you have changed the Windows Security Center Settings, that's all.

Good Luck...

pop pop
09-04-2005, 12:28 AM
I was going to say that I use AVG and Sygate on three XP machines at home (one XP Pro and two XP Home, all fully updated) and have never seen those reports from Spybot. 1) XP Security Center recognizes Sygate just fine and the XP firewall is off and 2) XP Security Center recognizes AVG right down to reporting the version number and that the virus definitions are up to date. I have run Spybot in normal mode and never seen those alerts, I normally run Spybot in advanced mode but never touched Usage Tracking.

Something's not right.

Budfred
09-04-2005, 12:42 AM
I believe the Security Center only recognizes the latest versions of each program, so it may mean that you don't have the latest versions... I see that you said AVG is up to date, but you may want to double check that...

ErnieK
09-04-2005, 04:54 AM
AVG details
Program ver: 7.0.344
Virus base: dated (today) 2/9/2005
File version: 7.1.0.338

Since telling Spybot to remove the finds, MS sec center is now set as self-monitor and shows "NOT MONITORED" (orange colour). When I set it to windows monitoring it still shows red and says no AV installed.

Sygate is still the same. Not recognised by windows.
Ver: 5.06 build 2808
Profile format number: 4.0.2
All MS patches up to date.

pop pop
09-04-2005, 06:08 AM
Your AVG and Sygate versions match mine. Are you using plain old XP/XP Pro or the 64 bit XP?

ErnieK
09-04-2005, 06:08 PM
XP Pro 32bit on NTFS

pop pop
09-04-2005, 08:55 PM
Well Ernie, I'm stumped then. In terms of the OS and those applications, we have the same system. My XP Pro sees both AVG and Sygate. I did nothing special either to the OS, those apps or S&D.

ErnieK
09-05-2005, 05:11 AM
I am the same. No tweaks to windows or Spybot.

Do you have ALL the MS patches released installed? (which could be the only difference)

jlreich
09-06-2005, 07:39 PM
The SC didn't used to recognize AVG on my computer but it does now. It says I have a FW turned on but doesn't say which one it is (Kerio).

Ernie, is this the machine you built several months ago? I was thinking maybe if AVG has been upgraded over several older versions maybe that might be the problem, but if this is a new build that shouldn't be a problem.


Pop pop
I was going to say that I use AVG and Sygate on three XP machines at home (one XP Pro and two XP Home, all fully updated) and have never seen those reports from Spybot.
Do you have all the notifications enabled in the SC? If so Spybot wouldn't give any red flags on it since they are enabled.

I have all mine turned off, and the SC disabled completely in administrative services. That's why I get the entries in Spybot.

Ernie, do you have any notifications disabled in the SC? Sorry, I shouldn't have assumed you did. :(

pop pop
09-06-2005, 08:37 PM
I have every update available for XP Pro installed, even those that are optional and that I probably don't need.

This sounds like a SP2 issue that should have been (was) taken care of--that may be reaching but given what we're seeing, I don't know what else it could be. Did you have to "download" SP2, or did you install a new copy of XP Pro that included it?

Here's another shot in the dark. Look here at Enabling Programs section: http://support.microsoft.com/default.aspx?kbid=842242

jlreich
09-06-2005, 09:04 PM
This sounds like a SP2 issue that should have been (was) taken care of--that may be reaching but given what we're seeing, I don't know what else it could be.
I agree. I think it's the SC just being buggy. Perhaps in this particular build version of XP SP2.

I still don't think it is anything to worry about. Might be worth a virus scan and the like. Or maybe a reinstall of AVG might do the trick.

Oh I forgot to say earlier all MS patches are up to date here.

:confused: :confused:

EDIT - It's another shot in the dark, but if you use a reg cleaner you might look in the backups to see if it removed anything to do with AVG or your FW since the SC relies on a registry entry from the AV/FW to enable them to be reported in the SC. MS says that all major AV/FW makers have cooperated to include this required reg entry for the SC.

pop pop
09-06-2005, 09:13 PM
Another thing to try.

Turn OFF the overrides.

Go into Control Panel/Performance and Maintenance/Administrative Tools/Services and make sure AVG services (there are two in mine) and Sygate services (1) are registered, Startup Type is Automatic, and Status is Running.

You can also verify those "registry" settings via a HJT scan. They will be listed as 023s. And there will be two for AVG and one for Sygate.
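
One way to automate the HJT check described in the post above, as an added example that is not part of the original thread: it counts startup (O4) and service (O23) entries per vendor in a HijackThis log and reports any vendor with fewer service entries than expected. The log lines are constructed sample data, and the vendor keywords and expected counts are assumptions taken from the numbers quoted in the post.

```python
import re

# Constructed HijackThis-style excerpt (sample data, not taken from the thread).
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
"""

# Assumed keywords and counts: two AVG services and one Sygate service,
# as stated in the post above.
EXPECTED_SERVICES = {"avg": 2, "sygate": 1}

# A HijackThis entry starts with its section id (letter O plus a number).
ENTRY_RE = re.compile(r"^(O\d+)\s+-\s+(.*)$")


def count_entries(log_text, section, keywords):
    """Count entries of one section (e.g. "O23") that mention each keyword."""
    counts = {k: 0 for k in keywords}
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if not m or m.group(1) != section:
            continue
        body = m.group(2).lower()
        for k in keywords:
            if k in body:
                counts[k] += 1
    return counts


def missing_services(log_text, expected=EXPECTED_SERVICES):
    """Return {keyword: (found, wanted)} for vendors short of O23 entries."""
    found = count_entries(log_text, "O23", expected)
    return {k: (found[k], want) for k, want in expected.items() if found[k] < want}


if __name__ == "__main__":
    print("O4 :", count_entries(SAMPLE_LOG, "O4", EXPECTED_SERVICES))
    print("O23:", count_entries(SAMPLE_LOG, "O23", EXPECTED_SERVICES))
    print("missing:", missing_services(SAMPLE_LOG) or "none")
```

An empty result only shows that the services are registered; whether the Security Center recognises the products is a separate question, as the rest of the thread shows.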

ErnieK
09-07-2005, 04:56 AM
Latest version of both programs installed. Windows update is run Auto to check and manual download. I also once a week run windows update manually to check for anything auto might have missed or for updated patches in-between the monthly updates.

Yes new comp and SP2 is built into the new os disk that I purchased when I built this machine a couple of months ago

HJT =
AVG 04 (two off / cc and emc) 023 (two off / alert and updt)
Sygate 04 (one off) 023 (one off)

Services =
2 AVG
1 Sygate

Sec Centre
AV -
When set to SELF MONITOR it shows NOT MONITORED (Shows ORANGE in Sec Cntr). When this option is turned off it says NOT FOUND (shows red in Sec Cntr)

FireWall -
When set to SELF MONITOR it shows NOT MONITORED (Shows ORANGE in Sec Cntr). When this option is turned off it says FIREWALL OFF (shows red in Sec Cntr)

Turn off over-rides (?)

pop pop
09-07-2005, 10:32 AM
Turn off over-rides (?)

What can I say Ernie, part of a shot in the dark. I just thought getting your settings exactly like mine (since our OS/AV/FW are the same) was worth a try. :confused:

Well, mate...looks like you're the benefactor of one of those "it's not a bug, it's an unexpected behavior" things courtesy of M$.

ErnieK
09-07-2005, 12:01 PM
I have checked out one of the computers that I look after.

All settings the same as my own. Same software. I do all his updates manually once a month just the same as with my own. Different showing in SC.

The only difference between the other computer and my own is the other comp is installed with a (home made) slipstreamed Prof & sp2 (Full SP2 downloaded from MS) disk, as opposed to bought Prof with Sp2 built in that I used for my own installation.

pop pop
09-07-2005, 12:17 PM
bought Prof with Sp2 built in that I used for my own installation

That's what I have. MyStery :confused:

ErnieK
09-07-2005, 07:54 PM
I much prefer Mystery to Mysery, and as everything seems to be ok and all scans show clean there is only mystery

poppy
09-07-2005, 10:07 PM
ErnieK, I apologize in advance for not having anything useful for your situation, but I couldn't help myself and repeat something in one of your other posts:

Are you sure that this cannot be classified as "an unexpected behavior". :D

ErnieK
09-08-2005, 05:22 AM
poppy
for your first lesson in computing on this dull and dank morning we will talk about our favourite subject. WINDOWS

You are fortunate that for this morning's lecture things will have to be kept brief, the reason for this being that my fingers have laryngitis.

Windows -
The origins of a Window was to enable you see and view something. In the case of and buildings it was to let light in. At the beginning, these were just gaping holes in the wall, sometimes covered with a make shift patch work to reduce the cold draughts. Eventually nearly all houses had these FEATURES built in.

As time passed some individuals expanded the area in which this (house) sat and put defensive measures around it. In other words they put a fence around it. BUT!, and this is a big BUT, there had to be a way for (at times unwanted) guests to enter, so someone came up with a GATE. If the property was big enough you then put in GATES (plural).

When one used these items, one expected certain things to happen. But as they got larger and more ornamental things did not always go as they should. Sometimes this defensive barrier would develop faults and allow unwanted things to enter the property, or the hinges would become loose or fall off, still allowing the GATES to be used. Even though it was possible to continue to use these GATES it became extremely troublesome in certain circumstances. This was what became known as unexpected behaviour.

I do not want to be pane but I must once again refer back to the beginnings of this lecture. The subject in question is WINDOWS.

At the beginning they were an effective item for the purpose for which they were designed. But in this world there were certain individuals (we shall call them cretans) that decided that these enhancements could be used for nefarious purposes. To combat this more inventions had to be made. Glass and shutters are just a couple of examples of the patches used. But it was found that the cretans could overcome these further enhancements. So another layer of defensive barrier was invented as a stop gap. This became known as The Security Centre.

Now the theory and idea behind this security centre was to enable an individual to control his defensive measures. Once again the theory was that from one central point everything could be secured. After a lot of delays and talking about it, this was eventually brought into use. It was now expected that all windows (etc) would be secure from this point onwards. That this alarm, or as it was known, security centre, would stop these cretans from mis-using the holes where windows sat. This was the expected behaviour. Over a period of time it was found that these cretans could circumvent these measures, and that there were times when these alarms would give out false warnings. This became what is now known as unexpected behaviour.

The lecture is now completed for the day.

Ps. do you see any similarities?

poppy
09-08-2005, 01:43 PM
Then I guess it would be safe to say that I could put on my Tux (http://www.linux.org/info/seven_tux.html) and bust through the Windows and go to the ball and enjoy myself and not worry about a lot of this. ;)

ErnieK
09-09-2005, 03:16 AM
You've got it in a oner!