Malwarebytes false positive?
in [Spyware]
|
From: Security helper on 28 Jan 2010 22:51 Yes, I have the same problem. I do not believe, however that it is of any concern. After "fixing" it, Spyware doctor (that's right, a security program) had to restart IntelliGuard. This simply could be one security program not liking the processes of another. I have a free trial version of Malwarebytes, Norton 2010, and Spyware Doctor 2010, and nothing is wrong with my computer (no slow down or etcetra.) I'm not sure if this works, but if you are seeming to have a virus problem, you could try clearing all browser history, and use Firefox. I happened to get some non-malicious tracking cookies and adware, and my computer is clean. Not all adware is bad, though. -- Security helper ------------------------------------------------------------------------ Security helper's Profile: http://forums.techarena.in/members/179185.htm View this thread: http://forums.techarena.in/anonymity-privacy-spam/1075636.htm http://forums.techarena.in
From: David H. Lipman on 5 Feb 2010 06:08 From: "Security helper" <Security.helper.45w4zb(a)DoNotSpam.com> | Yes, I have the same problem. No, you have MORE of a problem its called techarena.in -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
From: Beauregard T. Shagnasty on 5 Feb 2010 06:59 David H. Lipman wrote: > From: "Security helper" <Security.helper.45w4zb(a)DoNotSpam.com> >| Yes, I have the same problem. > > No, you have MORE of a problem its called techarena.in <g> Yes, another Usenet-scraper. And what's with them holding 'forum' posts for five days before releasing to Usenet? There's a new post from them in a.c.a-v .. where three of their "members" have replied to a thread from last March. -- -bts -Four wheels carry the body; two wheels move the soul
From: IRnuts2 on 26 Feb 2010 21:22 I bought a brand new Acer laptop from newegg, and opened it today. After initial setup with first boot etc i logged on to the net and 1. Went to Acer website to register the laptop, 2. Went to windows updates and downloaded updates for win7 3. downloaded ms security essentials and installed, and ran scan, came up green, and then 4. downloaded and installed MBytes, ran scan, and came up with the same scan results.... Hijack.DisplayProperties Now, i am thinking it is extremely unlikely i picked up a trojan "out there" that quickly while working at 3 very reliable and safe sites. So... My question is...Was this hijack routine; a) created by Acer when doing an info seek to see if i'm a legitimate Acer laptop (??) yet MS SE missed the registry change while doing the initial scan immediately after (hmmmm, unlikely?) b) MS did this when checking my win7 version and checking if i have admin rights while installing the desktop icons for MS Sec. Essentials?? , OR c) MBytes did it while installing desktop and startmenu icons, then unknowingly flags the traces of its own activity?? wouldn't that be funny. I'm a mechanical engineer and think in terms of function, but a complete novice to this stuff, so its a bit frustrating that i don't (at present) know how to begin researching this problem. If i knew a little more about win code i'd go digging and find out what is really happening, but it sure would be nice if someone who really knows what he's doing could explain to us exactly what must occur for this string to be deposited in the registry, and what legitimate processes could do it. because it SURE seems like a false positive to me. Or should i say a "safe" positive. By that i mean a tracking routine deposited during a noninjurious process, but junk that certainly doesn't need to be on our systems and needs cleaning. Andy Walker;4092523 Wrote: > The HKLM\...\NoActiveDesktopChanges registry key above determines > whether or not the users of the machine have the ability to change > their active desktop configuration. There are a large number of > trojans and malware that change that registry entry to "1" in order to > prevent users from removing the displayed content within the active > desktop. You can also set this to 1 to prevent users from changing > their wallpaper, for instance. It is not necessarily an indication > that you are compromised, but by default user are allowed to change > their active desktop settings. The Malwarebytes program flagged the > registry entry because it is more often than not an indication that > malware may be present. If you are comfortable with the appearance > and functioning of your Windows desktop, and don't plan on allowing > other users to change the desktop settings, then leave the registry > entry set to 1, otherwise set it to zero or allow Malwarebytes to do > it for you. -- IRnuts2 ------------------------------------------------------------------------ IRnuts2's Profile: http://forums.techarena.in/members/189073.htm View this thread: http://forums.techarena.in/anonymity-privacy-spam/1075636.htm http://forums.techarena.in
|
Pages: 1 Prev: How to block a chunk of IPs? Next: MVPS HOSTS file updated [Feb-09-2010] |