RE: Malware and disabled security center



My reply is at the bottom of your message :

"AZK" wrote:

My daughter's computer (HP running WinXP Home SP2) has the same problem as
previously posted by another user. My daughter(who says she knew better)
clicked on a suspicious link in an AIM message she received, AIM went crazy,
and now Windows Security's firewall is disabled and auto update turned off,
with the ability to turn the firewall back on denied because of a group
control issue. The fix suggested by Bruce Chambers to the other poster to go
into group policy editor (start-run-gpedit.msc) would not work for me,
windows said it could not find it. McAfee found no virus, Ad-Aware found no
malware, but Spybot found 6 entries that all relate to windows security
center--it says it fixes them but the firewall problem remains and when I run
Spybot again it finds the same 6 entries. They are all registry changes,
they read as follows:

WindowsSecurityCenter.AntiVirusDisableNotify
settings
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
Center\AntiVirusDisableNotify!=dword:0

WindowsSecurityCenter.AntiVirusOverride
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
Center\AntiVirusOverride!=dword:0

WindowsSecurityCenter.FirewallDisableNotify
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
Center\FirewallDisableNotify!=dword:0

WindowsSecurityCenter.SP2Update
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Wondows\WindowsUpdate\DoNotAllowxps2!=dword:0

WindowsSecurityCenter.UpdateDisableNotiry
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
Center\UpdayesDisableNotify!=dword:0

Any help would be appreciated, as I just spent many hours getting rid of the
downloader-AWX Trojan that McAfee found but could not remove, and now this.

Signed,
A weary not-really-computer-savvy Mom who has better things to do. LOL










Relax first . You can't do anything if you are weird :) Now , take a day off
work because this should be solved but it needs some time , some hours ...

Perform carefully and strictly the "Check for and eliminate" instructions in
my site
http://pandaman.my.contact.bg
to kill that malicious software . In addition ,on the bottom of the
instructions there is a link to the "Special clean" instructions which you
need to read


When you are clean , make sure you visit all other sections and protect your
PC and force your child use Limited accout and things like that ... :)


Panda_man
--
Bronze level Contributor
http://pandaman.my.contact.bg
Please , rate posts

.