Jump to content

"Malicious process attempting to start"


Recommended Posts

I recently updaated MBAM to the latest version, (1.62.0.1300) and am running it under

Win 7 SP1 x64.

Since that update, I have been seeing alerts launched telling me that a "malicious process

is attempting to start", and that MBAM has blocked it. This happens, on average, once

or twice per 6 to 8 hour operating session, at seemingly random intervals and times.

This is a known good file that has resided in a temporary directory on my machine for

quite some time. However, MBAM appears to classify it as "riskware".

I don't see any way that this file could possibly be launching without my intervention.

It is certainly not a startup item, does not appear in MSConfig or HijackThis, nor does it

appear in task manager as a process or service. In addition, there is absolutely no

reference to this file in the system registry.

As such, I'm a little puzzled about why this is happening. Although it seems doubtful,

I'm wondering if this is a product of Windows 7's virtualization technolgy.

In any case, what I generally do is click on "ignore" to dismiss the alert. For the remainder

of the operating session, I no longer receive the alert.

On the off-chance of a rootkit being present, I scanned my system with the latest

Kaspersky TDSSKiller, but that produced nothing.

Any ideas?

Regards,

Graham

Link to post
Share on other sites

Hello and Welcome -

If you think this is a False Positive, please read, and follow This Topic and report it to the research team.

They will clear the problem or report back with their findings -

Thank You -

Hi. Thanks for responding.

I'm not sure that I'd categorize this as a false positive, and that's why I've posted here,

and not in the other forum. MBAM classifies the file as riskware, and I understand why

and I don't have a problem with it. What puzzles me is why MBAM is telling me that the

file is launching. As such, this issue appears to fall in a grey area between a bug and

a false positive. In any case, I think i'll run MBAM in developer mode and post in the

other forum as well.

Again, thanks.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.