Windows Security Center damaged

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

I use Norton Internet Security 2007 and NoAdware 4.0. My system is (I think)
clean. However, I did have a problem with the nagging security center
pop-ups until I had everything cleaned up. The pop-up is gone, but probably
only because the malware tha caused it is now gone. The pop-up said my
computer was infected and I should click here to install software to clean
it. When I open Security Center to change the way it notifies me, that
option is disabled.

How do I gain full control of WSC again (i.e. get this option enabled again)?

Do I need to uninstall and reinstall SP2?

Thanks in advance.
 
Thanks for the reply.

No. The popups do not appear anymore and the red X is gone from the
systray, but the option in Windows Security Center to change the it notifies
me is still grayed-out. Do you think it is still infected or do you think
that a malware app I removed already made a change but the removal doesn't
necessarily fix that?

Do I need more tools than Norton Int Sec 2007 and NoAdware 4.0?
 
JMZ said:
Thanks for the reply.

No. The popups do not appear anymore and the red X is gone from the
systray, but the option in Windows Security Center to change the it
notifies
me is still grayed-out. Do you think it is still infected or do you think
that a malware app I removed already made a change but the removal doesn't
necessarily fix that?
Click to expand...

I don't understand what it is you're seeing in Security Center. Could you
explain that again? Use as much detail as you can to describe to me what you
see. In Mine, I see "Security Essentials" and entries for Firewall,
Automatic Updates and Virus Protection. I don't see anything resembling whtr
I think you're describing.
Do I need more tools than Norton Int Sec 2007 and NoAdware 4.0?
Click to expand...

Yes. First, I'd not use Norton at all. Norton is a dumb 800 lb gorrilla
sitting on top of your system, providing OK protection but interfering with
the system on a continuous basis. Causes a lot of problems. McAfee is only
slightly better. Use something else like:

ETrust -- http://my-etrust.com/microsoft
Avast! -- http://avast.com/eng/avast_4_home.html
AVG -- http://www.grisoft.com

Next, I'd use AdAware, Spybot Search & Destroy (scanners that look for
malware) and for protection use SpywareBlaster and HOSTS MAnager.

AdAware http://www.lavasoftusa.com/software/adaware/
Spybot S&D -- http://www.safer-networking.org/index.php?page=download
SpywareBlaster -- http://www.javacoolsoftware.com/spywareblaster.html
HOSTS Manager -- http://www.mvps.org/PracticallyNerded/Software.htm

If you suspect an infestation is already present, after runnign all that
stuff, then you'll want to run HiJackThis and possibly som eothers. HJT
requires an expert to interpret the results. DO NOT use HJT to "Fix"
anything until you're told to do so by an expert. See
www.aumha.org/a/quickfix for more instruction. See, also, the Security link
in my sig. (And note that the Clean Boot operations I recommend are for
Win98/98SE only. There are similar procedures for WinXP, but I don't get
into those. Usually aren't necessary for WinXP, just use Safe Mode instead.

--

Gary S. Terhune
MS-MVP Shell/User
http://grystmill.com/articles/cleanboot.htm
http://grystmill.com/articles/security.htm
 
Thanks Gary.

I'm not at my home pc right now, so please bear with my generalities as I
don't remember the exact wording of everything.

I have Windows XP, SP2. In the Security Center (from Control Panel), there
are various options you can select to take different actions. The last
option is used to change the way it alerts/notifies you of problems. That
option is grayed-out. It does not do anything when clicked. The other
options are still functional. So, I'm sure that some malware caused that
option to become non-functional, but I think that I have removed that malware
at this point because I don't get the annoying pop-ups from the systray about
being infected anymore. The red X is gone. However, the option is still
non-functional in the Security Center GUI.

My question is how do I make that option functional again? Do you think I
need to uninstall and re-install SP2?

If there is not a setting buried somewhere in the registery, then it may be
that application itself was hacked. Would you agree with that? If not, what
do you think happened?

BTW, I've already spent $110 on Norton and NoAdware. If these other programs
are similarly priced, then I would sooner buy a new pc.

Do you think one needs to have all of these tools installed and running, no
matter what? It looks like you recommend having 5 to 6 tools, and you didn't
even list a firewall, so that's another one.

Thanks again.
 
JMZ said:
Thanks Gary.

I'm not at my home pc right now, so please bear with my generalities as I
don't remember the exact wording of everything.

I have Windows XP, SP2. In the Security Center (from Control Panel),
there
are various options you can select to take different actions. The last
option is used to change the way it alerts/notifies you of problems. That
option is grayed-out. It does not do anything when clicked. The other
options are still functional. So, I'm sure that some malware caused that
option to become non-functional, but I think that I have removed that
malware
at this point because I don't get the annoying pop-ups from the systray
about
being infected anymore. The red X is gone. However, the option is still
non-functional in the Security Center GUI.
Click to expand...

OK, I see what you're talking about. I think you're probably right about the
malware being involved. But I'd go through all the steps I advised before,
just to make sure. Different malware scanners look for different things, and
it takes running several of them to make sure you find it all, finishing off
with HijackThis. (There are more in-depth tools, like RootKit Revealer, but
you'd use those only on the advise of an expert.) It's possible that one or
more of those steps will identify the condition you're seeing as a result of
malware and even possibly repair it. I don't know enough about that dialogue
to know where to look. Might be Registry, might be some other configuration
file or the program itself. I'm not familiar with the programming used here.
My question is how do I make that option functional again? Do you think I
need to uninstall and re-install SP2?
Click to expand...

I'd not do anything like that until you've done everything else I've
suggested and are certain that the malware is truly gone. I'll look into how
that dialogue works and how it might be re-enabled. But at this point I
consider it a symptom of something that might not have been totally removed.
I don't try to fix such symptoms until I'm certain the malware is all gone.
If there is not a setting buried somewhere in the registery, then it may
be
that application itself was hacked. Would you agree with that? If not,
what
do you think happened?
Click to expand...

Yes, I'd agree that the malware probably disabled the setting in order to
disable your ability to be notified. However at this point it's a minor
nuisance and not what I'd be focussing on.
BTW, I've already spent $110 on Norton and NoAdware. If these other
programs
are similarly priced, then I would sooner buy a new pc.
Click to expand...

I'm sorry you did that. The apps I recommend are either free for home use
(though donations are always appreciated), or free for a year and $50(?)
after that (ETrust.) EVERYTHING I've recommended you do now can be done with
no additional outlay of cash.
Do you think one needs to have all of these tools installed and running,
no
matter what? It looks like you recommend having 5 to 6 tools, and you
didn't
even list a firewall, so that's another one.
Click to expand...

ETrust Internet Security Suite includes a firewall (built on ZoneAlarm). You
can get it for $30 for the first year, not sure what renewals cost. Maybe
$40 or $50 per year? Otherwise, use ZoneAlarm (free.) Of course, if you're
on broadband you *really* want to use a router with NAT firewall included.
None of the apps I recommended (except antivirus and now firewall) normally
run while you're in Windows. They are either on-demand scanners (you run
them regularly to see if anything has gotten in) or they make changes to the
system that prevent your IE from going to certain sites, including
advertising sites that are embedded in other pages. They add items either to
the Restricted Zone or to the HOSTS file. They aren't *running* they just
add to lists of blocked/restricted sites.
Thanks again.
Click to expand...

You're welcome. Keep us posted as to your progress. I'll look up what I can
to see if there's a direct repair for that Security Center, but I'm very
tempted to not even tell you about it until you've done the things I
suggest. I feel that strongly about it.

--

Gary S. Terhune
MS-MVP Shell/User
http://grystmill.com/articles/cleanboot.htm
http://grystmill.com/articles/security.htm
 
I should have added one more scanner to your list called Multi_AV (written
by MVP David Lipman.) This one runs four different "command-line" scanners,
from Sophos, Trend-Micro, McAfee and Kaspersky. It shoul dalwasy be run if
you have a confirmed infection (even if whatever yu are already using says
you're clean.) This pagfe has decent instructions included and the link to
download:
http://www.google.com/url?sa=U&star...t/step_by_step_pc_cleaning_process.htm&e=9797

--

Gary S. Terhune
MS-MVP Shell/User
http://grystmill.com/articles/cleanboot.htm
http://grystmill.com/articles/security.htm
 
Back
Top