Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Is this false postivie from spywareblaster settings?


  • Please log in to reply
2 replies to this topic

#1 MaryBet82

MaryBet82

  • Members
  • 438 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:01:29 AM

Posted 07 April 2010 - 11:02 AM

Win2k sp4 w/ Symantec End Point - AV & firewall; WinPatrol Plus; Malwarebytes free, Spywareblaster; behind router.

Usual browser firefox; IE only for windows updates & dell support pages.

I have spywareblaster set so that my IE hompage can't be changed. A malwarebytes scan reported 2 threats: hijack.homepage & Disabled.SecurityCenter. I figured the hijack.homepage was false pos from spywareblaster settings [remember reading about conflict w/ spybot, but maybe it was malwarebytes, and spywareblaster] and the Disabled.SecurityCenter was because win2k doesn't have one. I thought malwarebytes was ok on win2k.

Anyway, the registry settings are quarantined, but no infected files were found. I'm posting because I have also recently had prolonged periods where firefox 3.6.2 hogged 96% of cpu per taskmanager and process explorer. Also I now get an error when attempting to update malwarebytes. Firefox updated itself to 2.6.3 a day or so ago and so far no 96% cpu usage.

Symantec scans have been neg. Last month's ms malicious tool scan was neg. I thought about resetting spywareblaster and running a malwarebytes scan, but I wasn't sure if I had an infection what would happen.

Are these are false positives? If malwarebytes has quarantined Spywareblaster's preventative registry setting can I now be hijacked?
mac 10.6 on macbook pro
WinXP sp2 on Dell 380 w/ 512 MB RAM- currently dead in the water
WinXP tab ed sp 3 on Thinkpad X41 w/ 1.5 GB RAM - lemony flavored
Win2K Sp4 on Sony VAIO GXR600 w/ 512 MB RAM - currently blue screening

BC AdBot (Login to Remove)

 


#2 Stang777

Stang777

    Just Hoping To Help


  • Members
  • 1,821 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:12:29 AM

Posted 10 April 2010 - 06:29 PM

I have ever used Win2K but on XP having Malwarebytes find that hijack homepage is normal when you have the homepage protected from being changed and the other one is normal too, when you have anything it disabled. I just whitelist them.

I think you can just unquarantine them and then the next time Malwarebytes finds them, just tell it to ignore them. Anyway, I think that is how you whitelist them. I whitelisted them the first time it found them and that was a long time ago, so I could be wrong on how you do it, but if you just unquarantine them and let them be found again, you should be able to figue out how to make it ignore them.

#3 MaryBet82

MaryBet82
  • Topic Starter

  • Members
  • 438 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:01:29 AM

Posted 16 April 2010 - 08:37 AM

thanks stang77,

I clicked ignore while they were still in quarantine. Maybe that's why it didn't work. I'll try doing it the other way.
mac 10.6 on macbook pro
WinXP sp2 on Dell 380 w/ 512 MB RAM- currently dead in the water
WinXP tab ed sp 3 on Thinkpad X41 w/ 1.5 GB RAM - lemony flavored
Win2K Sp4 on Sony VAIO GXR600 w/ 512 MB RAM - currently blue screening




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users