Showing results for tags 'confusion'.
Something I find very frustrating is the lack of info given to the end user when malware is found. When something is detected, it is very hard to know what it is and why it's been flagged. This is especially true for PUPs. There needs to be a section which explains why something has been flagged, such as what criteria were met to be classed as malware.

Many PUPs are legitimate programs wrongly classed as malware. Because of this, people have started ignoring PUPs and adding them to the exclude list. This is bad, because it means risky programs inadvertently bypass malware detection because the end user doesn't trust the anti-malware software anymore.

I understand businesses don't want to spend time developing a list of reasons for each malware. However, I don't think that necessarily has to be the case. Much of the information can be automated. After all, if an intelligent program can automatically detect it, it can automatically explain why it detected it. Furthermore, popular applications, such as Advanced System Care by IoBit, should have a detailed handwritten report about why it's being flagged.

I just quarantined Advanced System Care after it was flagged today (15th March 2017), then read a report (see link) saying it was going to be removed from the DB of PUP applications back in Oct 2016. The question is then, if it's getting flagged, why remove it and if it's been removed, why has it been re-added? Does this mean the flagging criteria aren't valid? I'm very wary of anything IoBit, so would like to know if it is malware and why it is. Flagging it and not giving a reason why is counterproductive.

I would suggest that if Malwarebytes wants to retain its great reputation, it needs to up its game. Hope this helps
Hi, I'm new to the Forum. I have tried researching the topic online and contacting MBAM support directly. Neither has helped so far. I think that is, in part, due to the fact that I want to understand what is going on before jumping on a removal process.

From MBAM's own website: "The 'PUM' (Potentially Unwanted Modification) detections are not false positives or actual infections but rather settings which you may have made and in some cases, malware also makes. So we scan those sections of the registry for changes which differ from default settings. If you made the modification, you can add them to ignore after your next scan or allow them to be set to Microsoft default settings by our software."

But how do I really know if the detected PUM is something I should keep or remove? I've attached an image of what the screen looks like when MBAM finishes its scan. I'll also include the log information in an attachment and in the body below.

In the days leading up to this problem, I did make some changes. Kaspersky Internet Security (KIS) wasn't updating, a problem I have experienced before. After troubleshooting the matter, I had to do an uninstall/reinstall. Unlike previous uninstall/reinstall instructions, this time I was not told to use the Kavremover tool. I also took steps to update the NVIDIA driver and downloaded a new program called DrawPlus by Serif. So, I have been wondering if one of the actions I took did change something on the StartMenu; but I am not experienced enough to figure it out. Googling only took me so far and there's a lot to process.

During the uninstall/reinstall of KIS, I did have to turn off the firewall too. So, maybe it isn't an action I took but an actual piece of malware that got in during that time? But the question remains: How do I know the difference? I don't want to prematurely remove the PUM only to cause other problems down the line in the registry.
I am happy to provide the logs and screenshots needed to help you help me figure this out. Just know that I'll need you to tell me how to get you the logs. The log I can give you now is the most recent. I tried the NVIDIA Rollback tool to see if that made a difference. The only difference I noted was that the information in the brackets following the PUM location changed. Again, I don't know what that even means.

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 8/25/2015
Scan Time: 5:10 PM
Logfile: 25 August 2015 - FORUM.txt
Administrator: Yes

Version: 188.8.131.527
Malware Database: v2015.08.25.07
Rootkit Database: v2015.08.16.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Owner

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 423279
Time Elapsed: 19 min, 27 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 1
PUM.Hijack.StartMenu, HKU\S-1-5-21-683834285-2108896767-324524410-1003\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED|Start_ShowSearch, 0, Good: (1), Bad: (0),,[d8330706acdffe3830e05ef9da2b45bb]

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

Okay, I think that's it. I very much look forward to your replies. Your help and input is most welcome and appreciated.
Ok so I have an Acer Aspire laptop. It has been a great computer for the past couple of years... but as of now I can't do anything without popups, browser tabs opening, and ads at every border of my browser. I really need some help. I'll post what I'm dealing with. These are pics from my computer and I don't know what to do about it. Please help me.

Kind regards,
Eric