PUM.Optional.DisabledSecurityCenter

Short bio

This is the detection of several potentially unwanted modifications (PUMs) on the registry that disables the Windows Security Center service notifications. The modifications are usually done by malware to suppress Windows from notifying the user that it has turned off certain security features in place, such as a firewall, on the affected system.

System modifications

The following registry value data are modified:

Under
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center

From:
UpdatesDisableNotify=0
FirewallDisableNotify=0
AntiVirusDisableNotify=0

To:
UpdatesDisableNotify=1
FirewallDisableNotify=1
AntiVirusDisableNotify=1

Under
HKEY_CURRENT_USER\Software\Microsoft\Security Center

From:
UpdatesDisableNotify=0
FirewallDisableNotify=0
AntiVirusDisableNotify=0

To:
UpdatesDisableNotify=1
FirewallDisableNotify=1
AntiVirusDisableNotify=1

Remediation

Malwarebytes can modify these registry value data back to their Windows default settings without user interaction.

Also, we advise users to do a full system scan as PUM.Optional.DisabledSecurityCenter modifications could have been done by malware or PUP.

Cybersecurity info you can’t do without

Want to stay informed on the latest news in cybersecurity? Sign up for our newsletter and learn how to protect your computer from threats.

Select your language