Kaseya Community

Disable Security Center Messages

  • I am wondering if anyone know the Registry keys, and/or has some existing scripts to disable some or all of the Security Center Messages for Windows XP or Windows Vista (ie Firewall disables, AV disabled, etc.)

    I didn't think it would be hard to find. But I just spent mopre than an hour tryign to Google with no luck (other than via the GUI). Of course, I am looking for direct Registry changes, or command lines.

    Thanks in advance, as always.

    Lloyd

    Legacy Forum Name: Disable Security Center Messages,
    Legacy Posted By Username: lwolf
  • Here you go...Smile

    Script Name: MS Security Center Alerts - Disable
    Script Description:

    IF True
    THEN
    Set Registry Value
    Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify
    Parameter 2 : 00000001
    Parameter 3 : REG_DWORD
    OS Type : 0
    Set Registry Value
    Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify
    Parameter 2 : 00000001
    Parameter 3 : REG_DWORD
    OS Type : 0
    Set Registry Value
    Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify
    Parameter 2 : 00000001
    Parameter 3 : REG_DWORD
    OS Type : 0
    ELSE

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: crt999
  • Does this work on Vista? I've been trying to get rid of the notifications on my own laptop and checked the script I had run - it's using the same registry keys you mention but I still get the alerts.

    Thanks,
    Daniel

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: djmundy
  • Same here, didn't seem to do the trick on Vista machines.

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: FCCSonline
  • Dont forget these two....

    Set Registry Value
    Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallOverride
    Parameter 2 : 00000001
    Parameter 3 : REG_DWORD
    OS Type : 0
    Set Registry Value
    Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusOverride
    Parameter 2 : 00000001
    Parameter 3 : REG_DWORD
    OS Type : 0

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: XeviouS
  • I found a few more settings which should disable the notification and tray icon.. however I can't seem to make it work. When I disable the notifications manually I notice the following keys change:

    Set Registry Value
    Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-1828958531-174582741-1745658520-1000\EnableNotifications
    Parameter 2 : 0000000
    Parameter 3 : REG_DWORD
    OS Type : 0
    Set Registry Value
    Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-1828958531-174582741-1745658520-1000\EnableNotificationsRef
    Parameter 2 : 00000003
    Parameter 3 : REG_DWORD

    And when I change it back to show notifications, the first key dissapears, and the second one changes back to 00000004.

    But when I try to script this in Kaseya, it fails with the following error.. I haven't figured out what's going on yet:

    FAILED in processing THEN step 6, Set Registry Value, with error Registry Query Failed, Write 4 bytes to registry value HKEY_LOCAL_MACHINE

    It doesn't which order I set the two keys in. (it's step 6 because I have some other registry keys being set in the script)

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: djmundy
  • Windows XP SP3

    I've been trying the following without success:

    IF True
    THEN
    Set Registry Value
    Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify
    Parameter 2 : 00000001
    Parameter 3 : REG_DWORD
    OS Type : 0
    Set Registry Value
    Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify
    Parameter 2 : 00000001
    Parameter 3 : REG_DWORD
    OS Type : 0
    Set Registry Value
    Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify
    Parameter 2 : 00000001
    Parameter 3 : REG_DWORD
    OS Type : 0
    Set Registry Value
    Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallOverride
    Parameter 2 : 00000001
    Parameter 3 : REG_DWORD
    OS Type : 0
    Set Registry Value
    Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusOverride
    Parameter 2 : 00000001
    Parameter 3 : REG_DWORD
    OS Type : 0
    ELSE



    any pointers?

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: TNITG
  • Here is a script to disable System Center Notifications regardless of OS.


    Script Name: Disable - Windows - Security Center Notification
    Script Description: This will disable Security Center notifications for Antivirus, Firewall and Updates. It will then restart the windows security center service. This will only run on machine with Security Center such as XP and Vista.

    IF Test Registry Key
    Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\
    Exists :
    THEN
    Set Registry Value
    Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify
    Parameter 2 : 1
    Parameter 3 : REG_DWORD
    OS Type : 0
    Set Registry Value
    Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusOverride
    Parameter 2 : 1
    Parameter 3 : REG_DWORD
    OS Type : 0
    Set Registry Value
    Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify
    Parameter 2 : 1
    Parameter 3 : REG_DWORD
    OS Type : 0
    Set Registry Value
    Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallOverride
    Parameter 2 : 1
    Parameter 3 : REG_DWORD
    OS Type : 0
    Set Registry Value
    Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify
    Parameter 2 : 1
    Parameter 3 : REG_DWORD
    OS Type : 0
    Execute Shell Command
    Parameter 1 : net stop wscsvc
    Parameter 2 : 1
    OS Type : 0
    Execute Shell Command
    Parameter 1 : net start wscsvc
    Parameter 2 : 1
    OS Type : 0
    ELSE


    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: XeviouS
  • Works like a charm, thanks XeviouS

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: tbresse
  • right on. Thanks so much, works great!

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: TNITG
  • and to reverse the process would I just change the values to 0000000? Sooo

    IF Test Registry Key
    Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\
    Exists :
    THEN
    Set Registry Value
    Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify
    Parameter 2 : 0
    Parameter 3 : REG_DWORD
    OS Type : 0
    Set Registry Value
    Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusOverride
    Parameter 2 : 0
    Parameter 3 : REG_DWORD
    OS Type : 0
    Set Registry Value
    Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify
    Parameter 2 : 0
    Parameter 3 : REG_DWORD
    OS Type : 0
    Set Registry Value
    Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallOverride
    Parameter 2 : 0
    Parameter 3 : REG_DWORD
    OS Type : 0
    Set Registry Value
    Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify
    Parameter 2 : 0
    Parameter 3 : REG_DWORD
    OS Type : 0
    Execute Shell Command
    Parameter 1 : net stop wscsvc
    Parameter 2 : 1
    OS Type : 0
    Execute Shell Command
    Parameter 1 : net start wscsvc
    Parameter 2 : 1
    OS Type : 0
    ELSE

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: TNITG
  • This is Vista / 7 compatible?
    I have tried, and no luck; I cannot write to that registry key; it is owned by system.

    I have spent the better part of an hour trying to use SUBINACL.exe as well to give Administrators ownership of said keys, although no luck.

    anyone have this working "in the wild"?

    Dustin

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: quicktech
  • try using the "reg" command with "runas" for those...

    Below is my code that works well on the 32 bit of vista, havent tested with 7 yet though


    Script Name: MS Security Center Alerts - Disable
    Script Description: Disables MS Security Center Alerts

    IF True
    THEN
    Set Registry Value
    Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify
    Parameter 2 : 00000001
    Parameter 3 : REG_DWORD
    OS Type : 0
    Set Registry Value
    Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify
    Parameter 2 : 00000001
    Parameter 3 : REG_DWORD
    OS Type : 0
    Set Registry Value
    Parameter 1 : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify
    Parameter 2 : 00000001
    Parameter 3 : REG_DWORD
    OS Type : 0
    ELSE


    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: thirteentwenty
  • Sorry to be thick, how would I run reg command or runas?
    Impersonate User perhaps?

    Thanks..

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: quicktech
  • @quicktech: lol you're not thick... thick was figuring out how to runas in command line

    to get the proper runas syntax
    fire up cmd and type in runas /?

    Be careful with this, you cannot use runas on everything, there are somethings that it just wont work on.

    to get the proper reg syntax
    fireup cmd and type reg /?

    reg i think differs between XP and Vista, I think I'm not sure I don't use it often

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: thirteentwenty