(Hijack.DisplayProperties)

[TeMerc]

The same @ Windows 7 Ultimate (rtm)

Its a fresh install - no way that it is infected!

You need to read this thread again. It's not an indication of infection. It's a display setting which you may have changed.

And W7 may have some additional tweaks which we have not made yet as we're not officially compatible with it and have done no testing on it by developers.

[climb5462]

Any new updates on this? Brand new pc here and tonight my Avast resident scanner detected it so I deleted it, ran MWB it detected it but after reading here I chose to restore it and ignore. Just wondering what's new with this considering Avast has now detected it along with MWB. Oh, and my usage while idle will jump from 22% up to 52%.

Anything will help.

[mc42]

And W7 may have some additional tweaks which we have not made yet as we're not officially compatible with it and have done no testing on it by developers.

Should this still show up with the new version of Malwarebytes for Win 7?

[exile360]

Yes, most likely it will as it still shows up for Vista too but it can safely be ignored .

[CamT]

I am running Windows 7 64bits and also got the same thing..... (Hijack.DisplayProperties)

[exile360]

Greetings and welcome CamT .

You can safely have Malwarebytes' ignore this detection as well. That's the default setting on Vista and 7 64 bit versions and this detection was designed specifically for Windows XP, where that particular registry setting is the opposite (a 1 instead of a 0).

[JolietJake]

Aha!

I can ignore this flag then. Yeah, yeah, another Windows 7 64 bit user here.

Thanks

[cip_cyp]

hi guys,

need help, I have Win 7 Ultimate, the same detection NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0).

the problem is that I can't change my desktop. If I'm trying to change it with a picture, instead of picture I have a black screen.

I've changed in registry from 1 to 0 but no good. I even install and use Desktop hijack Fix, and find a "policy restriction" but the software can not remove it.

Anu ideas?

thanks!

[sdilix]

Hey exiled i am wondering about the auto reg fixer you put what encoding should you use.

[exile360]

Here's the registry fix for this issue, it will set it back to the Vista/7 default. Once you download it, just unzip it and double click it to run it. You will get a prompt from User Account Control, just click Continue and then click Yes when asked if you want to add it to the registry and click Ok when it completes.

After that, just run a Quick Scan with Malwarebytes' Anti-Malware and when it finishes, click Show Results and select the Hijack.DisplayProperties detection and click on Ignore .Restore_Hijack.DisplayProperties.zip

[Stopbugs]

Hi folks. Another windows Vistax64 user with Hijack.display properties showing in scan.

I deleted it and restored it through quarantine and ran a quick scan with no "false positive"

Is this sufficient or do I need to run the fix so display will be Ok?

[exile360]

Greetings Stopbugs and welcome

If Malwarebytes' is no longer detecting Hijack.DisplayProperties then you should run the reg fix to set it back to default, then do a Quick Scan with Malwarebytes' and add the detection to the ignore list.

[Stopbugs]

Hello exile 360.

Thanks for your greeting and welcome.

Ran the fix and added detection to ignore list as suggested.

Best wishes.

[exile360]

Excellent .

Should you have any more questions or issues just post.

Thanks

[lalittle]

Just to clarify, will it be possible for a signature update to fix this, or an engine update, or will it simply be necessary to always use the ignore list to prevent this particular false positive?

Thanks,

Larry

[exile360]

Greetings lalittle

As I understand it, a full engine update would be required as it would need to detect the OS version installed and if it detects a 64 bit OS, it would then have to automatically exclude the detection, although I could be wrong as I'm not one of the developers, but as I understand it, that's what would need to happen. For the time being I'm content to keep the detection ignored, as even when I install a new version of Malwarebytes', it remembers my previously ignored detections so I only have to deal with it once.

[lalittle]

Greetings lalittle

As I understand it, a full engine update would be required as it would need to detect the OS version installed and if it detects a 64 bit OS, it would then have to automatically exclude the detection, although I could be wrong as I'm not one of the developers, but as I understand it, that's what would need to happen. For the time being I'm content to keep the detection ignored, as even when I install a new version of Malwarebytes', it remembers my previously ignored detections so I only have to deal with it once.

Thanks. Just out of curiosity, when the program changes to the next new "number" (i.e. something newer than 1.41) this doesn't necessarily imply a new "engine," does it? Do we just have to keep an eye on the version history to see when a new engine is implemented?

Larry

[exile360]

Correct, new version numbers do not necessarily mean a new engine, but the engine does seem to change often as the developers work against the latest nasties to detect and remove them. Often new releases are also to fix bugs that are discovered along the way. You can always find what changes have been made here at the bottom of that page as well as when you're installing Malwarebytes' Anti-Malware because it shows the changelogs for each version .

[Mike89]

I'm also got this exact same result with scan. This is with version 1.42 and Windows 7 Professional 64 bit. I assume I'm supposed to select it and hit the Ignore button.

That's what I did but the program glitched a little when I did that. After I did that, I clicked to close the program and got a message asking if I was sure I wanted to close because a scan was going on. There was no scan going on. Evidently clicking Ignore triggered something. I closed it anyway and opened it back up to make sure that reg entry was in the Ignore List and it was.

Anyway I think that was a bug in the program.

[exile360]

Greetings Mike89

Yes, that's the appropriate procedure. If you want to avoid the message about aborting the scan you can hit Remove after having ignored the detection and it will tell you that there are no items to be removed, just click Ok and close the program. Either way the net result is the same, a successfully ignored detection .

If you need anything else just post.

Thanks

[redsox19801]

I also have this come up when I scan. Everybody is saying this is a false positive, but my computer has been popping up messages asking me to change my color scheme to windows vista basic or something because of slow performance or something like that. Any ideas about that?

[redsox19801]

guess no one cares lol

[exile360]

For the issue with the popup please create a new topic here as it is unrelated to this detection. There is something else causing the problem with your Windows color scheme settings.

[Bunzy]

I am a newbie. I don't know if this is the correct topic to post in... but here is my input. When ever I run Malwarebytes scans, I get a false report of a hijack to my homepage. In actuality it is not a hijack but a lock I have on my homepage in both SpywareBlaster and Spybot S&D to protect against Homepage Hijacks. I just thought I would let you "guys" know if you don't know already.

[Mike89]

That could be a reason why this scan result is triggered. Another possiblility is maybe having the Windows 7 theme to change desktop pictures (slideshow) every 30 seconds (I do) might also be triggering this.