PDA

View Full Version : MalwareBytes finds Spybot problems?


junksasa
2014-08-27, 15:12
I ran MalwareBytes and it found these Security Hijacks (2 of I know are associated with Spybot). Are they really Spybot problems?

Malwarebytes Anti-Malware
Version: 2.00.2.1012
Malware Database: v2014.08.16.05
Rootkit Database: v2014.08.15.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: bedroom

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 264575
Time Elapsed: 8 min, 27 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 3
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AUpdate.exe, No Action By User, [23222a9d86f595a13077088225deba46],
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\blindman.exe, No Action By User, [9aab725599e233031d90cd1ecb376e92],
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SDFiles.exe, No Action By User, [45008c3bd9a248ee25dcc437a65cc739],

Registry Values: 0

Registry Data: 0
(No malicious items detected)

Folders: 0

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)
tashi
2014-08-27, 17:27
Hello junksasa,

Could you please report them at the malwarebytes forums.

https://forums.malwarebytes.org/index.php?/forum/122-false-positives/

Best regards.
junksasa
2014-08-28, 20:37
I have contacted MalwareBytes. Their response is:

In this particular case, the detection is because of the type of data entry, an Image File Execution Option. This is causing programs that are running normally to be directed into other processes. This type of action is almost always used maliciously. As I mentioned, you can ignore them during the scan, but if you'd like to temporarily quarantine them we can see if it has unexpected results. If so, Malwarebytes Anti-Malware is capable of restoring the quarantined item. There are no current conflicts with Advanced System Care that I am aware of.
tashi
2014-08-28, 21:21
Hello junksasa,

Thank you by which method did you make contact to report this?


I have contacted MalwareBytes. Their response is:

In this particular case, the detection is because of the type of data entry, an Image File Execution Option. This is causing programs that are running normally to be directed into other processes. This type of action is almost always used maliciously. As I mentioned, you can ignore them during the scan, but if you'd like to temporarily quarantine them we can see if it has unexpected results. If so, Malwarebytes Anti-Malware is capable of restoring the quarantined item. There are no current conflicts with Advanced System Care that I am aware of.



Hello junksasa,

Could you please report them at the malwarebytes forums.

https://forums.malwarebytes.org/index.php?/forum/122-false-positives/

Best regards.

Regards.
junksasa
2014-08-29, 15:32
Hello junksasa,

Thank you by which method did you make contact to report this?





Regards.

I contacted them directly through there help and I have now also posted the problem at the location you suggested.