False positives?

[ChicBookFiend]

Every time I scan with Spybot- S&D I get the following results:

Windows Security Center.AntiVirusDisableNotify

Windows Security Center.FirewallDisableNotify

The first time I got these I removed them, and when I did both my AV and firewall were disabled. So, I figured it was just a false positive and leave it alone whenever those two come out after a scan. (For the most part, I get Firefox tracking cookies, which are annoying but not serious.)

Is there a patch for this problem? If so, please let me know.

[Zenobia]

Removing those entries with Spybot shouldn't disable your antivirus or your firewall.Both your antivirus and your firewall were disabled only after you fixed Microsoft.WindowsSecurityCenter.AntivirusDisableNotify and Microsoft.WindowsSecurityCenter.FirewallDisableNotify with Spybot?

Please see here:
http://www.spybot.info/en/faq/46.html

If you highlight the detection with your mouse,Spybot will give you this description after you click the bar over to the right:
Microsoft.WindowsSecurityCenter.AntivirusDisableNotify:

Company: Microsoft
Product: Windows Security Center
Threat: Changed Security Center Settings

Functionality
This entry only wants to bring to your attention that "someone" has disabled one or more notifications in the Windows security center.
If you’ve changed the settings yourself you can safely tell Spybot to exclude those detections from further searches. In order to do this please right click on each in turn, then click "exclude this detection from future searches". That way, should any other part of security center settings change Spybot will still detect those. For more information please visit our forum linked above.

"Windows Security Center.AntiVirusDisableNotify" , if this is found, the Security Center does not notify about the antivirussoftware.
This could have been disabled by your antivirussoftware to avoid double notifications. If your antivirussoftware is up and running , you can ignore this detection.

Microsoft.WindowsSecurityCenter.FirewallDisableNotify:

Company: Microsoft
Product: Windows Security Center
Threat: Changed Security Center Settings

Functionality
This entry only wants to bring to your attention that "someone" has disabled one or more notifications in the Windows security center.
If you’ve changed the settings yourself you can safely tell Spybot to exclude those detections from further searches. In order to do this please right click on each in turn, then click "exclude this detection from future searches". That way, should any other part of security center settings change Spybot will still detect those. For more information please visit our forum linked above.

"Windows Security Center.FirewallDisableNotify" , if this is found, the Security Center does not notify about the firewall.
This could have been disabled by your personal firewall to avoid double messages. If your personal firewall is up and running, you can ignore this detection

[ChicBookFiend]

Removing those entries with Spybot shouldn't disable your antivirus or your firewall.Both your antivirus and your firewall were disabled only after you fixed Microsoft.WindowsSecurityCenter.AntivirusDisableNotify and Microsoft.WindowsSecurityCenter.FirewallDisableNotify with Spybot?

Yes, that's exactly what it did.

Thanks for the info. I'll give it a try.

[Zenobia]

Sometimes malware can set those to 1,to prevent Security Center from alerting you that your antivirus and firewall are disabled,though some security suites set them also.

From this post:
http://forums.spybot.info/showpost.p...92&postcount=5

For these detections:
Windows Security Center.FirewallDisableNotify: Settings
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify!=dword:0
Windows Security Center.AntiVirusDisableNotify: Settings
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify!=dword:0
Windows Security Center.UdateDisableNotify: Settings HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify!=dword:0
Go into Start > Control Panel > Security Center > Resources (on the left hand side of the window – expand if necessary) > click "Change the way Security Center alerts me". This brings up an "Alert Setting" window.

There are three possible alerts:
Firewall
Alert me if my computer might be at risk because of my firewall settings
Automatic Updates
Alert me if my computer might be at risk because of my Automatic Updates settings
Virus Protection
Alert me if my computer might be at risk because of my virus protection software settings
I think that you will find that they are all turned off. With these alerts turned off you will not receive alerts from Windows.

Where your antivirus and firewall actually were/or became disabled,maybe you should post a Spybot log here,so that maybe someone(these people:Team Spybot,Helpers, Warriors, Experts) here might take a look at it,and see better what is going on.

Here's how to post a log(but don't let Spybot fix AntivirusDisableNotify or FirewallDisableNotify,the same as you've been doing all along) :
http://forums.spybot.info/showpost.p...29&postcount=2

If asked to provide a Spybot-S&D log:

Instructions for Version 1.4
Close all browsers
Open SpyBot, check for and get any updates available
Check for problems and fix everything found in red
Then on the toolbar menu select mode and switch to advanced mode, on the left lower down select tools, and view report, ensure all the options are selected near the bottom except

Uncheck[ ] do not report disabled or known legitimate Items.
Uncheck[ ] Include a list of services in report.
Uncheck[ ] Include uninstall list in report.

Now select (near the top) view report.
Click export in the save in box choose a place such as your my documents folder, then in your next post near the bottom select the "browse" button; navigate to and attach or post that report.