Jump to content


Recommended Posts

Over the weekend my wife infected her machine with the KoobFace worm and it proceeded to attack other machines on the home network. Been pretty successful getting everything cleaned up and decided to scan my work machine just in case (at one point it was on the network over the weekend when the infection was present but not attacked - no popups for Total defender etc. like the other machines).

The work laptop MalwareBytes scan came back with three warnings all about registry entries related to Disabled.SecurityCenter. I did some research and just looking for some confirmation on my conclusions. My work laptop had Symantec Antivirus and Client Firewall running by default. It seems that these registry entries relate to certain notification in the MS Security Center being turned off and it seemed to me that it would be reasonable to assume that it is Symantec turning off these entries and safe to ignore them. I'm getting no other malware hits on this machine like I found on the other infected machines.

I conclusion is that I should not let Malwarebytes delete the entries because they are likely the way Symantec wants them - any thoughts?

Link to post
Share on other sites

Hello Gadgetdude , Welcome to Malwarebytes.org

We don't work on Malware removal or diagnostics in the general forums.

Please print out, read and follow the directions here, skipping any steps you are unable to complete. Then post a NEW topic here.

One of the expert helpers there will give you one-on-one assistance when one becomes available.

After posting your new post make sure under options that you select Track this topic and choose one of the Email options so that you're alerted when someone has replied to your post.

Alternatively, as a paying customer, you can contact the help desk at support@malwarebytes.org

Link to post
Share on other sites

@ Gadgetdude

Hello and Welcome to Malwarebytes.

As a Network Admin, I do not really like it when my users are making changes to their computers. A lot of companies have polices in place to prevent you from altering such changes. Being that this is a work computer you should have your IT guys have a look at those changes and see if in fact Symantec is the one making those changes.

We do not really allow changes being made to computers because sometimes this causes more harm than good.

Some work environments also have Group Polices that make changes to computers for security reasons.

As a side note as well, Malwarebytes free edition is for home users / personal use, and if you are using it on a corporate computer you should ask your IT guys about getting a corporate version of Malwarebytes.

But to answer your question, without seeing the acutual log files to see the exact infections we can not give you a definete answer, so you will have to follow the instructions from Blaze to get help from an expert..

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.