Kaseya Community

Home » Discussion Forums » Scripts & Agent Procedures » Disable Security Center Messages

Learn more about how AuthAnvil can protect and enhance your Kaseya experience

Similar Posts

Disable Windows Security Center

by
on Feb 8, 2012
  • Not Answered

Agent procedure to disable security center

by
on Aug 1, 2013
  • Not Answered

MS Security Center Alerts - Disable/Enable

by
on Apr 4, 2007

McAfee Security Center

by
on Jan 27, 2010

Security Center Event ID's

by
on Feb 20, 2009
Details
  • 19 Replies
  • 2 Subscribers
  • Postedover 12 years ago

Disable Security Center Messages

  • LegacyPoster
    Posted by
    on Aug 23, 2008 7:52 PM
    I am wondering if anyone know the Registry keys, and/or has some existing scripts to disable some or all of the Security Center Messages for Windows XP or Windows Vista (ie Firewall disables, AV disabled, etc.)

    I didn't think it would be hard to find. But I just spent mopre than an hour tryign to Google with no luck (other than via the GUI). Of course, I am looking for direct Registry changes, or command lines.

    Thanks in advance, as always.

    Lloyd

    Legacy Forum Name: Disable Security Center Messages,
    Legacy Posted By Username: lwolf
  • LegacyPoster
    Posted by
    on Aug 26, 2008 2:41 PM
    Here you go...Smile

    Script Name: MS Security Center Alerts - Disable
    Script Description:

    IF True
    THEN
    Set Registry Value
    Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify
    Parameter 2 : 00000001
    Parameter 3 : REG_DWORD
    OS Type : 0
    Set Registry Value
    Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify
    Parameter 2 : 00000001
    Parameter 3 : REG_DWORD
    OS Type : 0
    Set Registry Value
    Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify
    Parameter 2 : 00000001
    Parameter 3 : REG_DWORD
    OS Type : 0
    ELSE

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: crt999
  • LegacyPoster
    Posted by
    on Aug 26, 2008 5:36 PM
    Does this work on Vista? I've been trying to get rid of the notifications on my own laptop and checked the script I had run - it's using the same registry keys you mention but I still get the alerts.

    Thanks,
    Daniel

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: djmundy
  • LegacyPoster
    Posted by
    on Sep 5, 2008 12:09 AM
    Same here, didn't seem to do the trick on Vista machines.

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: FCCSonline
  • LegacyPoster
    Posted by
    on Sep 5, 2008 8:43 PM
    Dont forget these two....

    Set Registry Value
    Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallOverride
    Parameter 2 : 00000001
    Parameter 3 : REG_DWORD
    OS Type : 0
    Set Registry Value
    Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusOverride
    Parameter 2 : 00000001
    Parameter 3 : REG_DWORD
    OS Type : 0

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: XeviouS
  • LegacyPoster
    Posted by
    on Sep 9, 2008 7:36 AM
    I found a few more settings which should disable the notification and tray icon.. however I can't seem to make it work. When I disable the notifications manually I notice the following keys change:

    Set Registry Value
    Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-1828958531-174582741-1745658520-1000\EnableNotifications
    Parameter 2 : 0000000
    Parameter 3 : REG_DWORD
    OS Type : 0
    Set Registry Value
    Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-1828958531-174582741-1745658520-1000\EnableNotificationsRef
    Parameter 2 : 00000003
    Parameter 3 : REG_DWORD

    And when I change it back to show notifications, the first key dissapears, and the second one changes back to 00000004.

    But when I try to script this in Kaseya, it fails with the following error.. I haven't figured out what's going on yet:

    FAILED in processing THEN step 6, Set Registry Value, with error Registry Query Failed, Write 4 bytes to registry value HKEY_LOCAL_MACHINE

    It doesn't which order I set the two keys in. (it's step 6 because I have some other registry keys being set in the script)

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: djmundy
  • LegacyPoster
    Posted by
    on Mar 7, 2009 1:53 AM
    Windows XP SP3

    I've been trying the following without success:

    IF True
    THEN
    Set Registry Value
    Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify
    Parameter 2 : 00000001
    Parameter 3 : REG_DWORD
    OS Type : 0
    Set Registry Value
    Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify
    Parameter 2 : 00000001
    Parameter 3 : REG_DWORD
    OS Type : 0
    Set Registry Value
    Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify
    Parameter 2 : 00000001
    Parameter 3 : REG_DWORD
    OS Type : 0
    Set Registry Value
    Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallOverride
    Parameter 2 : 00000001
    Parameter 3 : REG_DWORD
    OS Type : 0
    Set Registry Value
    Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusOverride
    Parameter 2 : 00000001
    Parameter 3 : REG_DWORD
    OS Type : 0
    ELSE



    any pointers?

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: TNITG
  • LegacyPoster
    Posted by
    on Mar 9, 2009 7:09 AM
    Here is a script to disable System Center Notifications regardless of OS.


    
Script Name: Disable - Windows - Security Center Notification
    
Script Description: This will disable Security Center notifications for Antivirus, Firewall and Updates. It will then restart the windows security center service. This will only run on machine with Security Center such as XP and Vista.
    

    
IF Test Registry Key 
    
   Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\
    
   Exists :
    
THEN
    
   Set Registry Value
    
     Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify
    
     Parameter 2 : 1
    
     Parameter 3 : REG_DWORD
    
         OS Type : 0
    
   Set Registry Value
    
     Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusOverride
    
     Parameter 2 : 1
    
     Parameter 3 : REG_DWORD
    
         OS Type : 0
    
   Set Registry Value
    
     Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify
    
     Parameter 2 : 1
    
     Parameter 3 : REG_DWORD
    
         OS Type : 0
    
   Set Registry Value
    
     Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallOverride
    
     Parameter 2 : 1
    
     Parameter 3 : REG_DWORD
    
         OS Type : 0
    
   Set Registry Value
    
     Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify
    
     Parameter 2 : 1
    
     Parameter 3 : REG_DWORD
    
         OS Type : 0
    
   Execute Shell Command
    
     Parameter 1 : net stop wscsvc
    
     Parameter 2 : 1
    
         OS Type : 0
    
   Execute Shell Command
    
     Parameter 1 : net start wscsvc
    
     Parameter 2 : 1
    
         OS Type : 0
    
ELSE


    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: XeviouS
  • LegacyPoster
    Posted by
    on Mar 9, 2009 5:22 PM
    Works like a charm, thanks XeviouS

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: tbresse
  • LegacyPoster
    Posted by
    on Mar 9, 2009 5:33 PM
    right on. Thanks so much, works great!

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: TNITG
  • LegacyPoster
    Posted by
    on Mar 9, 2009 5:43 PM
    and to reverse the process would I just change the values to 0000000? Sooo

    IF Test Registry Key
    Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\
    Exists :
    THEN
    Set Registry Value
    Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify
    Parameter 2 : 0
    Parameter 3 : REG_DWORD
    OS Type : 0
    Set Registry Value
    Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusOverride
    Parameter 2 : 0
    Parameter 3 : REG_DWORD
    OS Type : 0
    Set Registry Value
    Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify
    Parameter 2 : 0
    Parameter 3 : REG_DWORD
    OS Type : 0
    Set Registry Value
    Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallOverride
    Parameter 2 : 0
    Parameter 3 : REG_DWORD
    OS Type : 0
    Set Registry Value
    Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify
    Parameter 2 : 0
    Parameter 3 : REG_DWORD
    OS Type : 0
    Execute Shell Command
    Parameter 1 : net stop wscsvc
    Parameter 2 : 1
    OS Type : 0
    Execute Shell Command
    Parameter 1 : net start wscsvc
    Parameter 2 : 1
    OS Type : 0
    ELSE

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: TNITG
  • LegacyPoster
    Posted by
    on Nov 12, 2009 8:47 AM
    This is Vista / 7 compatible?
    I have tried, and no luck; I cannot write to that registry key; it is owned by system.

    I have spent the better part of an hour trying to use SUBINACL.exe as well to give Administrators ownership of said keys, although no luck.

    anyone have this working "in the wild"?

    Dustin

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: quicktech
  • LegacyPoster
    Posted by
    on Nov 12, 2009 9:33 AM
    try using the "reg" command with "runas" for those...

    Below is my code that works well on the 32 bit of vista, havent tested with 7 yet though


    
Script Name: MS Security Center Alerts  - Disable
    
Script Description: Disables MS Security Center Alerts
    

    
IF True 
    
THEN
    
   Set Registry Value
    
     Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify
    
     Parameter 2 : 00000001
    
     Parameter 3 : REG_DWORD
    
         OS Type : 0
    
   Set Registry Value
    
     Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify
    
     Parameter 2 : 00000001
    
     Parameter 3 : REG_DWORD
    
         OS Type : 0
    
   Set Registry Value
    
     Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify
    
     Parameter 2 : 00000001
    
     Parameter 3 : REG_DWORD
    
         OS Type : 0
    
ELSE


    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: thirteentwenty
  • LegacyPoster
    Posted by
    on Nov 12, 2009 9:35 AM
    Sorry to be thick, how would I run reg command or runas?
    Impersonate User perhaps?

    Thanks..

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: quicktech
  • LegacyPoster
    Posted by
    on Nov 13, 2009 2:41 AM
    @quicktech: lol you're not thick... thick was figuring out how to runas in command line

    to get the proper runas syntax
    fire up cmd and type in runas /?

    Be careful with this, you cannot use runas on everything, there are somethings that it just wont work on.

    to get the proper reg syntax
    fireup cmd and type reg /?

    reg i think differs between XP and Vista, I think I'm not sure I don't use it often

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: thirteentwenty