RE: Malware and disabled security center



My reply is at the bottom of your message :

"AZK" wrote:

My daughter's computer (HP running WinXP Home SP2) has the same problem as
previously posted by another user. My daughter(who says she knew better)
clicked on a suspicious link in an AIM message she received, AIM went crazy,
and now Windows Security's firewall is disabled and auto update turned off,
with the ability to turn the firewall back on denied because of a group
control issue. The fix suggested by Bruce Chambers to the other poster to go
into group policy editor (start-run-gpedit.msc) would not work for me,
windows said it could not find it. McAfee found no virus, Ad-Aware found no
malware, but Spybot found 6 entries that all relate to windows security
center--it says it fixes them but the firewall problem remains and when I run
Spybot again it finds the same 6 entries. They are all registry changes,
they read as follows:

WindowsSecurityCenter.AntiVirusDisableNotify
settings
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
Center\AntiVirusDisableNotify!=dword:0

WindowsSecurityCenter.AntiVirusOverride
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
Center\AntiVirusOverride!=dword:0

WindowsSecurityCenter.FirewallDisableNotify
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
Center\FirewallDisableNotify!=dword:0

WindowsSecurityCenter.SP2Update
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Wondows\WindowsUpdate\DoNotAllowxps2!=dword:0

WindowsSecurityCenter.UpdateDisableNotiry
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
Center\UpdayesDisableNotify!=dword:0

Any help would be appreciated, as I just spent many hours getting rid of the
downloader-AWX Trojan that McAfee found but could not remove, and now this.

Signed,
A weary not-really-computer-savvy Mom who has better things to do. LOL










Relax first . You can't do anything if you are weird :) Now , take a day off
work because this should be solved but it needs some time , some hours ...

Perform carefully and strictly the "Check for and eliminate" instructions in
my site
http://pandaman.my.contact.bg
to kill that malicious software . In addition ,on the bottom of the
instructions there is a link to the "Special clean" instructions which you
need to read


When you are clean , make sure you visit all other sections and protect your
PC and force your child use Limited accout and things like that ... :)


Panda_man
--
Bronze level Contributor
http://pandaman.my.contact.bg
Please , rate posts

.



Relevant Pages

  • Re: Norton WMI will not install
    ... Firewall only and with ZoneAlarm firewall only and with both activated. ... have tried the Norton WMI download with each of these firewalls as above and ... I've tried your instructions but something appears to be missing. ... In the Windows Security Center window, ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Sasser
    ... today for clear instructions to avoid the shutdown which differ between XP ... For Windows 2000, it is somewhat more complex, but possible, without ... I suppose we're going to need a caveat for AOL users whose AOL version ... doesn't include a firewall and doesn't allow XP's firewall to be active on ...
    (microsoft.public.security.virus)
  • Re: Stop: C0000218 {Registry File Failure}
    ... >on my win2000 computer but the only instructions I can ... >that reads at the bottom of the page for xp pro and xp ... Windows: General MVP ...
    (microsoft.public.win2000.general)
  • firewall
    ... I have Windows Xp and I tryed to enable the firewall with ... the instructions on the microsoft web site, ... says "Windows cannot display the properties of this ... Restore to restore Windows to an earlier time." ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Silversurfers E-MAIL list IMPORTANT
    ... instructions at the bottom of the page. ... don't run a Windows OS but a Linux one? ...
    (uk.people.silversurfers)