JMZ said:
Thanks Gary.
I'm not at my home pc right now, so please bear with my generalities as I
don't remember the exact wording of everything.
I have Windows XP, SP2. In the Security Center (from Control Panel),
there
are various options you can select to take different actions. The last
option is used to change the way it alerts/notifies you of problems. That
option is grayed-out. It does not do anything when clicked. The other
options are still functional. So, I'm sure that some malware caused that
option to become non-functional, but I think that I have removed that
malware
at this point because I don't get the annoying pop-ups from the systray
about
being infected anymore. The red X is gone. However, the option is still
non-functional in the Security Center GUI.
OK, I see what you're talking about. I think you're probably right about the
malware being involved. But I'd go through all the steps I advised before,
just to make sure. Different malware scanners look for different things, and
it takes running several of them to make sure you find it all, finishing off
with HijackThis. (There are more in-depth tools, like RootKit Revealer, but
you'd use those only on the advise of an expert.) It's possible that one or
more of those steps will identify the condition you're seeing as a result of
malware and even possibly repair it. I don't know enough about that dialogue
to know where to look. Might be Registry, might be some other configuration
file or the program itself. I'm not familiar with the programming used here.
My question is how do I make that option functional again? Do you think I
need to uninstall and re-install SP2?
I'd not do anything like that until you've done everything else I've
suggested and are certain that the malware is truly gone. I'll look into how
that dialogue works and how it might be re-enabled. But at this point I
consider it a symptom of something that might not have been totally removed.
I don't try to fix such symptoms until I'm certain the malware is all gone.
If there is not a setting buried somewhere in the registery, then it may
be
that application itself was hacked. Would you agree with that? If not,
what
do you think happened?
Yes, I'd agree that the malware probably disabled the setting in order to
disable your ability to be notified. However at this point it's a minor
nuisance and not what I'd be focussing on.
BTW, I've already spent $110 on Norton and NoAdware. If these other
programs
are similarly priced, then I would sooner buy a new pc.
I'm sorry you did that. The apps I recommend are either free for home use
(though donations are always appreciated), or free for a year and $50(?)
after that (ETrust.) EVERYTHING I've recommended you do now can be done with
no additional outlay of cash.
Do you think one needs to have all of these tools installed and running,
no
matter what? It looks like you recommend having 5 to 6 tools, and you
didn't
even list a firewall, so that's another one.
ETrust Internet Security Suite includes a firewall (built on ZoneAlarm). You
can get it for $30 for the first year, not sure what renewals cost. Maybe
$40 or $50 per year? Otherwise, use ZoneAlarm (free.) Of course, if you're
on broadband you *really* want to use a router with NAT firewall included.
None of the apps I recommended (except antivirus and now firewall) normally
run while you're in Windows. They are either on-demand scanners (you run
them regularly to see if anything has gotten in) or they make changes to the
system that prevent your IE from going to certain sites, including
advertising sites that are embedded in other pages. They add items either to
the Restricted Zone or to the HOSTS file. They aren't *running* they just
add to lists of blocked/restricted sites.
You're welcome. Keep us posted as to your progress. I'll look up what I can
to see if there's a direct repair for that Security Center, but I'm very
tempted to not even tell you about it until you've done the things I
suggest. I feel that strongly about it.
--
Gary S. Terhune
MS-MVP Shell/User
http://grystmill.com/articles/cleanboot.htm
http://grystmill.com/articles/security.htm