Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0)
The Disabled.SecurityCenter entries do not necessarily mean malware. They are registry keys that can be:
- Disabled by malware to prevent notification that your protection has been disabled.
- Disabled intentionally by the user.
- Disabled by other security programs to prevent conflicts, duplicate warnings and allow them to have control.
This key controls the warning you get about your antivirus software (out of date, not installed, ...). If the value is set to 1 you won't get any of these warnings and multiple malicious applications do this to prevent you from knowing that they have disabled your antivirus software. MBAM is re-enabling this function in your log.
explanation by Malwarebytes Staff
...these are registry keys that can be disabled by either malware (to prevent notification that protection is disabled) or by the user or their legit software to prevent conflicts or duplicate warnings.
It is not uncommon for security programs (as well as malware) to disable these keys and other security tools like Malwarebytes to detect and let you know they have been disabled. So if a scan is showing these entries and there are no other signs of infection, then it's likely that you or one of your security programs has disabled them. If that's the case, then adding them to Malwarebytes's Ignore list (by right-clicking) will prevent the detections from showing in future scans. If you are experiencing symptoms of malware, do not use other security programs and did not disable them yourself, then further investigation is warranted as there is no way to specifically tell how or by what something became disabled.
Usually when your machine is infected with malware, you will experience other signs and symptoms (pop-up alerts, slow computer, poor performance, browser redirects, etc.) that indicate something is wrong.
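The triage rule described above, as an added example that is not part of the original post and is not Malwarebytes code: it parses registry data lines in the format quoted at the top and separates the PUM.Disabled.SecurityCenter entries from any other registry detection. The function names, the verdict labels and the third sample line are assumptions made for illustration, and the result covers only the lines it parses, not symptoms seen on the machine.

```python
import re

# Line shape in the "Registry Data Items Infected" section shown above:
#   <key>\<value name> (<detection>) -> Bad: (<found>) Good: (<expected>)
ENTRY = re.compile(
    r"^(?P<key>HK[A-Z_]+\\.+)\\(?P<value>[^\\]+?)\s+"
    r"\((?P<detection>[^()]+)\)\s*->\s*"
    r"Bad:\s*\((?P<bad>[^)]*)\)\s*Good:\s*\((?P<good>[^)]*)\)\s*$"
)
NOTIFY_DETECTION = "PUM.Disabled.SecurityCenter"


def parse_entries(log_text):
    """Return one dict per registry data line; other lines are skipped."""
    matches = (ENTRY.match(line.strip()) for line in log_text.splitlines())
    return [m.groupdict() for m in matches if m]


def triage(log_text):
    """Separate the ambiguous notification entries from everything else."""
    entries = parse_entries(log_text)
    notify = [e for e in entries if e["detection"] == NOTIFY_DETECTION]
    other = [e for e in entries if e["detection"] != NOTIFY_DETECTION]
    if other:
        verdict = "investigate"      # other registry detections are present
    elif notify:
        verdict = "confirm-source"   # set by the user, a security tool, or unknown?
    else:
        verdict = "nothing-parsed"
    return {"verdict": verdict, "notify": notify, "other": other}


# Constructed sample: the first two entries are the ones quoted in the post,
# the third is a made-up placeholder entry (not a real detection name).
SAMPLE = r"""Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0)
HKEY_LOCAL_MACHINE\SOFTWARE\Example\PlaceholderValue (Example.Placeholder.Detection) -> Bad: (1) Good: (0)
"""

if __name__ == "__main__":
    result = triage(SAMPLE)
    print(result["verdict"])
    for e in result["notify"] + result["other"]:
        print(f'{e["detection"]}: {e["value"]} = {e["bad"]} (expected {e["good"]})')
```

A "confirm-source" verdict means the log shows only the notification values, which is the case where the post says to check whether you or another security program disabled them before adding them to the Ignore list.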