Chose quarantined, got 'replaced' - unh?

[PaddyODawes]

Just did a scan which revealed three pups. The default choice was 'quarantined', so I said OK. Out of curiosity, I went to check the log, to discover that two of the three, sure enough, were marked as Quarantined. But the other was described as 'replaced'. (What's more, it was the one of the three I was most concerned about.) What does 'Replaced' mean? Because I suspect I still have the pup. 

 

 

Thanks if you can help.

[daledoc1]

Hi:
 
Your screenshot actually shows that the top detection in the list is a PUM, not a PUP:
 

The 'PUM' (Potentially Unwanted Modification) detections are not false positives or actual infections but rather settings which you may have made and in some cases, malware also makes. So we scan those sections of the registry for changes which differ from default settings.
If you made the modification, you can add them to ignore after your next scan or allow them to be set to Microsoft default settings by our software.
https://helpdesk.malwarebytes.org/hc/en-us/articles/201948477-What-are-PUM-detections-are-they-threats-and-should-they-be-deleted-

 

And, from the User Guide:

 

A scan (scheduled or on-demand) has been completed. Non-Malware was detected during execution of the scan. This is typically a Potentially Unwanted Program (PUP) or Potentially Unwanted Modification (PUM), which may be acceptable to you. Clicking the notification will allow you to review the scan log to determine the exact nature of the threat(s).

https://www.malwarebytes.org/support/guides/mbam/

 

So, there is nothing to "quarantine", as it is a change to a setting.
MBAM will scan for and, in this particular case, attempt to reset it back.
In this particular case of this particular PUM, it could be a change you or your anti-virus/security program made intentionally.
If so, then you can ignore it.
 
>>>Having said that, as you have some other, PUP detections, as well, if you are not sure what to allow/keep/ignore and what to quarantine/change, then it might be a good idea to have one of the malware experts assist you with checking your system.
To do that, I suggest that you please follow the advice in this pinned topic: Available Assistance For Possibly Infected Computers.
A malware analyst will assist you with looking into your issue.
 

Also, for more information:
There is an FAQ Section here: Common Questions, Issues, and their Solutions
And here are links to the MBAM 2.0 User Guide: Online and PDF
And there are many useful KB topics and videos at the helpdesk support page

Thanks,

[PaddyODawes]

Thanks very much for that very helpful and informative response. What a difference a letter makes, eh? I'll try to have a proper look into this in the morning, as I've only just discovered your message and it's past my bedtime and I still haven't finished the washing up. 

 

Briefly tho', I certainly didn't make this change. But I'm pretty sure it's the one that means every time I reboot I get a warning popup in the bottom right of my screen telling me that Windows Firewall is not enabled and click here to fix this problem, when I know very well (having checked more than once) that the firewall is fine and dandy and up & running. 

 

Thanks again.