Jump to content

PUP or Potentially Unwanted Program Angry Birds


fryerlawrence

Recommended Posts

I have to apologize and at the time I was not aware of the Malwarebytes Forums... however now I am curious and cannot find any information to the contrary of why Angry Birds was flagged as a PUP by Malwarebytes.(Because I had seen the little bug when I seen the scan log I immediately thought it was a virus and did not understand PUP's at the time... course I am still learning about them now.) I originally sent my MBAM log info to news agencies, thinking it was a newsworthy item that millions of people have downloaded this game and are not aware, and the company has made millions as well. Apparently they did not think so.

I was so spitting mad at the time mad_really_zps771dba1a.gif I just uninstalled it. However, after digging for my MBAM log info recently for another blog post, I came across the unlock code and got curious again. However, I do not have the computer it was installed on b/c on another related incident the hard drive failed.

Here is the original log info:

----------------------------------------------------------------

Malwarebytes’ Anti-Malware 1.51.2.1300

Database version: 911122704

Windows 6.1.7601 Service Pack 1

Internet Explorer 9.0.8112.16421

12/27/2011 4:12:04 PM

mbam-log-2011-12-27 (16-12-04).txt

Scan type: Full scan (C:\|D:\|E:\|H:\|)

Objects scanned: 318712

Time elapsed: 46 minute(s), 25 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 1

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

c:\Users\Owner\AppData\Local\Temp\icreinstall\cnet2_angrybirdsinstaller_1_5_1_exe.exe (PUP.Adware.Downloader) -> Quarantined and deleted successfully.

----------------------------------------------------------------------------------------------------

Questions:

1. Is Angry Birds safe? Keep in mind... I downloaded directly from the company.

2. Let's say I still like the game, which I do. Is it possible that Angry Birds would still be safe after downloading it again and if Malwarebytes should catch something again? (e.g. the same thing as above)

Thanks for you help,

-fryer

Link to post
Share on other sites

  • Staff

It looks like you downloaded from cnet/download.com (cnet2_angrybirdsinstaller_1_5_1_exe.exe)and not the company? Cnet does bundle most of their software with other adware that you wouldnt get from other download sites. This is what is being detected here the other adware and not the game itself.

That being said if you can zip and attach the file that is being detected we can re-analyze to see if any of the adware fits the pup definition here.

Link to post
Share on other sites

thanks for replying shadowwar... yeah.. it's been some time ago. (time flies when you are having fun..lol) From your perspective I can now give myself a "doh" moment Doh_zps8e3d9720.gif

I remember distinctively downloading from Rovio, however, it looks like I didn't remember the re-direct.

Just for laughs, I am going to see if my unlock code still works and download the game again. I will scan it with MBAM again and if I incur any issues I will post back here.

Sorry again for ruffling feathers for a so then "yesterday" issue. I am now brown bag man...lol brownbaghead_zpsbec34b43.gif

-fryer

Link to post
Share on other sites

Back to report good news. No nasty thingies...lol

I ended up using the download installer link from Rovio in the actual Activation Key Code e-mail sent to me. (Apparently no cnet re-direct this time either...lol) Just for good measure I scanned it three times (I know....I know...overkill... but now I sleep better knowing.)

1. Once after downloading the installer.

2. Once after launching the game.

3. Once after entering the activation key code.

Here is the proof:

Angry Birds Installer Scan 04.22.2013 #1

Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org

Database version: v2013.04.21.01

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 10.0.9200.16540

owner :: [administrator]

4/22/2013 10:35:46 PM

mbam-log-2013-04-22 (22-35-46).txt

Scan type: Custom scan (C:\Users\owner\Downloads\Angry Birds\Installer\AngryBirdsInstaller_3.0.0.exe|)

Scan options enabled: File System | Heuristics/Shuriken | PUP | PUM | P2P

Scan options disabled: Memory | Startup | Registry | Heuristics/Extra

Objects scanned: 1

Time elapsed: 2 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

------------------------------------------------

Angry Birds Scan 04.22.2013 #2 (After Install)

Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org

Database version: v2013.04.21.01

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 10.0.9200.16540

owner :: [administrator]

4/22/2013 10:47:44 PM

mbam-log-2013-04-22 (22-47-44).txt

Scan type: Custom scan (C:\Program Files (x86)\Rovio|)

Scan options enabled: File System | Heuristics/Shuriken | PUP | PUM | P2P

Scan options disabled: Memory | Startup | Registry | Heuristics/Extra

Objects scanned: 1197

Time elapsed: 11 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

Angry Birds Scan_After Activation Code_04.22.2013 #3

Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org

Database version: v2013.04.21.01

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 10.0.9200.16540

owner :: [administrator]

4/22/2013 10:52:41 PM

mbam-log-2013-04-22 (22-52-41).txt

Scan type: Custom scan (C:\Program Files (x86)\Rovio|)

Scan options enabled: File System | Heuristics/Shuriken | PUP | PUM | P2P

Scan options disabled: Memory | Startup | Registry | Heuristics/Extra

Objects scanned: 1197

Time elapsed: 11 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

False alarm... no need to put on my "S" and save the world...lol.

Thanks everyone for your help. You guys are always awesome.

plane_zps76f5b561.gifFlyin' free,BuzzPilot_zps845686b0.gif

-fryer

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.