Confused - MBAM Registry Issue



BCVikes1701
07-06-2012, 08:22 PM
Hello folks,

I ran my daily quick scan with MBAM on my new G75NW, it finds an entry as follows:


HKCU\Software\Windows\Current Version\Explorer\Advanced|Start_ShowSearch

I've used NIS and MBAM Pro (real-time turned) for some time and this is the first time I've seen this entry. For now, I put it in the ignored list. NIS either does not find this or doesn't see it as a problem. Is this anything to be concerned about?

Appreciate the help.

BC

dstrakele
07-06-2012, 08:56 PM
As some of the hits in http://www.google.com/search?hl=en&client=ms-android-verizon&source=android-htc-quicklookup&sky=mrdr&sa=X&ei=b0v3T53OJoPg2gXrzanjBg&ved=0CFUQvwUoAQ&q=HKCU%5CSoftware%5CWindows%5CCurrentversion%5CExplorer%5CAdvanced%7CStart_ShowSearch&spell=1&biw=360&bih=453 indicate, this particular area of the StartMenu registry is known to be exploited by Fake AVS malware.

But I would recommend getting the true poop from MBAM by posting on their forum. They should be best equipped to tell you if it is a false positive.

Angrybrit
07-06-2012, 10:05 PM
I'd still suggest a run through Avira live CD or any other bootable aggressive antivirus...

Shawnnepc
07-06-2012, 10:11 PM
Hey BCVikes,

Have you noticed any new tool bars recently?

Has your start page changed suddenly?

Some re-director infections take control of that area in order to feed you ad based search results.

I would give your computer a scan using the following tool below:

http://www.surfright.nl/en/downloads/

This software uses a cloud based anti-malware solution. It will scan the computer for threats and then compile the data using every modern anti-parasite software.

Its first run includes a one time 15 day trial.

Let us know if you require anything else :)


BCVikes1701
07-07-2012, 06:20 AM
Thanks for the responses. As suggested, I've posted the question on the MBAM Forum. I reviewed the MBAM logs and there's no mention of the detection within the logs. Also, nothing has changed in my setup as far as I can tell. Also, I forgot to mention that this is actually my second G75 - the first was returned after only a few days because of a hard drive failure. MBAM showed the same detection on that machine. It must have something to do with changes I make, such as using Autoruns to reduce the number of programs running at start-up. I'll let you know if MBAM has a good answer.

BC