Malwarebytes found something strange..

I downloaded and installed Malwarebytes, and after it ran its scan, right at the end it found this.

PUM.Disabled.SecurityCenter in the Registry Data.

Our computer has never been infected by malware, there was a site that tried to send a few trojan but ESET NOD32 terminated the attempt. There have also been no indications of infection. Does this mean that the computer is infected or is it a false positive?

Our Antivirus is Nod32 version 4

Thanks

 

Run scans with some other scanners and see what they say. Suggestions:

1. Dr.Web Cureit
2. SuperAntiSpyware Portable
3. Hitman Pro

 

Typing "PUM.Disabled.SecurityCenter" in google gives you:
http://forums.malwarebytes.org/index.php?showtopic=69778&view=findpost&p=358335

PUM - potentially unwanted system modifications

 

trouble is that something has disabled the security center!
either malware or user her-/himself - dig that.
btw there is no reason to do so - and eset did not.

 

you have no problem at all. i also disable security center service manually (it is useless) and malwarebytes detect this as a threat.

 

Don't be so ignorant bollity. Malware routinely disable the security center and use their own fake alerts. A recent malware infection could be the cause. It might not mean that he is currently infected but it may have caused changes. Running a few scans with some demand scanners are probably warranted.

 

Yeah, and that does not change a bit about the fact that the "security" center is a useless piece of junk based on completely broken WMI technology (lets break randomly whenever a butterfly does a wrong wing movement over there on the other hemisphere) that actually helps to spread malware.

 

The thing is we have never been infected with malware, and it would be easy to notice if there were fake alerts popping up everywhere, which hasn't been occurring. I am just unsure if I accidentally configured the security centre, because I asked a Malwarebytes creator and they said that the Windows Updates were disabled, and I should not be worried. I am still curious as to how they were disabled though.

 

This is what Malwarebytes actually detected.

HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Security Center/UpdatesDisableNotify

I am unsure if I have configured it so that I have to manually install the updates, because I am sure that we have never had malware on our computer, so I don't know how this was changed.

 

I have placed those warnings on the MBAM Ignore list a long time ago.
All three... Updates, FW and AV, because I do manual updates.



But if the OP isn't clear on how it got disabled, by all means, run scans to look for malware.

 

I have noticed for a while that the computer hasn't really notified me of automatic updates, even though every time I check, the automatic updates are enabled in the Security Centre. I find that I always have to manually install the updates, but it is strange as automatic updates is enabled when I manually install. Is it possible that some error in configuration has taken place or something similar?

 

My take is that based purely on the fact that MBAM threw up that alert, I wouldn't be concerned... had I known I had disabled updates. But you're basically saying that you don't know for sure if you did, plus they appear to be enabled even though you have to manually update. (Have I got that right?)

Given those circumstances, if it was me, I would try once more to toggle the updates off and then back on, to see if the setting sticks. The drawback to that is you will have to wait for new updates to arrive to see if it is working, right? And the wait might be detrimental if in fact there is an infection that is causing this issue.

So I would run a few scans (as already mentioned), and maybe search the internet for people who have had similar issues (like this), but I would definitely try to get to the bottom of why your Security Center says you have auto updating enabled and they don't come through.

HTH

 

that`s only a registry key detected by mbam : PUM- Potentially Unwanted Modification. a registry key was modified and your security center was disabled/closed. nothing to worry about. i never keep security center enabled.

 

yeah spybot will detect those kinds of things too. dont worry ur alright.

 

"stopped" and caught mid-way by a poorly written HIPS are totally different things. Likely a key from the failed malware.

 

PUM = Potentially Unwanted Modification

These are for all cases where it could go either way when it comes to the cause so we notify and let the user make the call to either fix or ignore.

The classification PUM itself is in the options list and the default action for all PUM can be set to full detect, warn only (intentional check mark required to fix) or disabled.