Malwarebytes found 3 other registry data which it flagged and here are they:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
My question is should I remove them? The weird part is I'm running sp1 and I dont even have a security center as far as I know. Also I have automatic updates turned off, could this be the reason it shows up in registry as disabled?
Normally I would delete them but I've read quite a bit of the horror stories regarding malware and the registry, how they can take down the system with it or false positives that end up cripling the OS like recent example with superantispyware.
So I'm taking the catious route, whats your advice?
And another thing, I just finished complete scan with Malwarebytes and thats the only issues I'm getting, in the registry, no other malware anywhere. Does this mean these registry keys/data are leftovers of a previous infection that was cleaned? Or are they the infection itself? Thanks.
Edited by jedidummy, 21 March 2009 - 12:47 PM.