screen317

Hello blossom and welcome to the forums. Our Research Team has been monitoring this application for some time and has decided to add detection based on triggers against our PUP detection criteria. https://blog.malwarebytes.com/malwarebytes-news/2016/10/malwarebytes-gets-tougher-on-pups/ The detection is correct and not a false positive. We will continue monitoring this application and if we notice a change in the behavior we will review it again. If for whatever reason you want to continue using Advanced SystemCare, you can simply uncheck the detections and click Next after a scan with MBAM, and the prompt will ask you if you want to "Ignore Once" or "Ignore Always". If you Ignore Always it won't be detected any more.

Please see blender's response above if you have any further questions about this topic. Due to the nature of the responses as of late, I'm locking this thread. For all who come across this topic, unless the poster has "Malwarebytes Staff" in their signature, they are not a Malwarebytes employee.

Hello paradoxical, The detection is correct. In this case, the software is a potentially unwanted program, or PUP. You can read more here: If you wish to continue using those programs, add them to the MBAM exclusion list and they will no longer be detected. Best regards,

Dear DCE, I apologize for the inconvenience this issue has caused you. We at Malwarebytes have taken a more aggressive stance on "PC optimizers" and the like. You can read more about this stance here: https://blog.malwarebytes.com/malwarebytes-news/2016/10/malwarebytes-gets-tougher-on-pups/ I highly recommend working with our support team to ensure that all exclusions are set correctly and that all issues you are experiencing get resolved. Use this link to contact support: https://support.malwarebytes.com/?b_id=6400 Again we apologize for the inconvenience and are sure that our support team can help resolve this issue. Please do not hesitate to ask if I can be of further assistance. Best regards,

If you continue to post the same content and request, we will lock your posts (and possibly hide to avoid spamming the community) and continue to direct you to our Legal department at legal@malwarebytes.com.

If you continue to post the same content and request, we will lock your posts (and possibly hide to avoid spamming the community) and continue to direct you to our Legal department at legal@malwarebytes.com.

FYI we have delisted this software and this will be reflected in our next DB update.

Hello all, Upon reevaluation, we have delisted this software and this will be reflected in our next database update. If you are still experiencing issues, please contact support here: https://support.malwarebytes.com/customer/portal/emails/new?b_id=6400 Best regards,

Hello, Thank you for reporting this. Upon reevaluation, we have delisted this software and this will be reflected in our next database update. Best regards,

SpyCar is a literal dummy file for testing antimalware engines. Notice the detection name is "Legitimate." Meaning it doesn't detect it as a threat, as you suggested in your post. I'm locking this ancient thread as it has served its purpose.

Dear Stephen and welcome to the Malwarebytes forum. Upon further review, we have concluded that these detections are in fact legitimate and we will not be removing detections for this software at this time. Please refer to the following list of criteria that was used to reach this conclusion. Note that as the programs are nearly identical clones to one another, I may refer to them interchangeably. 1) Terms and conditions of use include receipt of advertisement and marketing. . 2) Terms and conditions of use include requiring agreement to comply with the incredibly ridiculous request to not use your software in "biological, or nuclear weapons." 3) Upon canceling a scan in DriverWhiz immediately after beginning the scan, the program itself reports no out of date drivers, and yet, remarkably, clicking "Register Now" sends me to a page that explicitly states that I do in fact have a driver out of date. The website somehow knows more than the program does and is incredibly misleading. See screenshot for details: 4) Clicking "CLICK HERE FOR LIVE TECH SUPPORT!" does nothing to help the user: 5) Your privacy policy completely throws users under the bus and leaves them less secure: 6) Your software is often found bundled on the InstallCore and other bundler platforms: 7) Your software is advertised in misleading ways, often with buttons seemingly looking to trick the user into downloading your software instead of their software of interest: 8) Our PUP detection is consistent with that of other vendors as you can see at VirusTotal.com. Finally, please also refer to our official PUP criteria here... https://www.malwarebytes.org/pup/ ...of which the following criteria apply to your software: Self-explanatory. Many removal guides have been published online (see one example here: https://malwaretips.com/blogs/landing-driverrestore-com-virus/ ) in addition to many users complaining about not having deliberately installed your software and having had great difficulty in removing your software. See some examples of many over the past few years here: http://answers.microsoft.com/en-us/protect/forum/protect_other-protect_scanning/is-driver-restore-a-safe-program-i-cannot-remove/10dfcd18-986d-4c12-8cff-8abf9c4960f0 http://www.2-spyware.com/remove-driver-restore.html https://community.mcafee.com/thread/72415?start=0&tstart=0 Here you can find a consolidated list of angry users and their experiences: http://driver-whiz.pissedconsumer.com/ To summarize, these detections are indeed valid. We will also detect clones rebranded under a different name to evade detection. Best regards,

Dear lan2016, We treat all PUP vendors in the same manner. If you would like to be delisted, we provide a specific set of criteria that is required for delisting. In this case, these criteria were not addressed adequately. 1) Software bundling You claim to no longer bundle software and provided a screenshot to this effect. I went to your website to grab the latest installer for your program. Yet, when I installed FixMyPC myself, I was greeted with this prechecked bundle offer: Whatever file you used to generate your screenshot is not what is being offered on your website. 2) Alarmist detections Empty Registry entries from Add/Remove Programs are not detriments to performance, let alone severe detriments. Users may be more inclined to purchase this software for problems they do not have (also known as a scam), if they believe their computer's performance is actually impacted when in reality it is not, as a consequence of the entries below. Mind you this was on a clean installation of Windows Vista x64. If your company's position is that even clean Windows installations have severe stability issues as a consequence of empty Registry entries from Add/Remove programs, then you are in fact attempting to deceive the user who installed the software. What issues could possibly even garner a 5 out of 5 severity score? 1 out of 5? Your competitor considers these empty Add/Remove Programs entries to be Low Priority as well they should be. As such, your appeal to your competitor is also flawed and they are not considered to be a PUP. 3) Scare tactics to purchase software This clean installation of Windows Vista x64 was given a golden score of "POOR Computer stability status" with a "SEVERE Impact level." In reality the computer was running quite well with zero signs of performance or stability issues, let alone "POOR Computer stability status" with a "SEVERE Impact level." Furthermore, how can you possibly guarantee improved stability with a 100% guarantee? Do you understand that this is literally impossible and that claiming this is in actuality a scam tactic? To summarize, your company has not adequately addressed our concerns and quite frankly it is insulting that you repeatedly insist that you have, when even a cursory glance at your software implies otherwise. We will continue to detect this software and will not entertain the idea of delisting unless substantial changes are made to all of the above criteria. Not one, not some; all. Several members of our team have now used valuable time to independently verify that our detection is in fact legitimate. Good day. Edit: Further duplicate topics will be deleted.

Dear Creepers05, Thank you for bringing this to our attention. Upon further review, this detection will be removed with our next database version. This should be reflected in our regular database soon. Thank you,