Ramblings of an old Doc

 

You might be getting this warning, or even several hits rated “high” as malware, in Malwarebytes Anti-Malware Pro. The hits will probably point to the registry.

You won’t be able to see the full path in Malwarebytes (and that should be corrected by them). You can, however, save the results to a text file and get the full path from there.

So what are they?

“The entries that Malwarebytes found are software restrictions that someone or a program has added to the system. They can be malicious in nature as they may prevent security software or other important software from running on the system.

Each rule has a security level associated with it which determines its rights on the system.

  • Disallowed blocks the program from execution on the system regardless of the rights of the user account trying to run the application.
  • Basic User allows the program to be executed with basic user privileges only but not with elevated privileges.
  • Unrestricted will run the program with the same rights as the user executing the program (which can be with administrative privileges)”

What you should do

The course of action depends on whether you have set those restrictions or not. If you are not the system administrator, an admin may have set them as well.

If you are the only user on the system and have not set them, you may want to consider removing them from the system.

If you are using Malwarebytes, you could have them quarantined which provides you with an option to restore the rules should the need arise.

You can use the Group Policy Editor or the Registry directly as well to remove those entries.

In the Group Policy Editor, you find them under Local Computer Policy > Windows Settings > Security Settings > Software Restriction Policies > Additional Rules.

To remove an entry select it and hit the delete key on the keyboard. Alternatively, right-click on a rule and select delete from the context menu.” – ghacks

Thanks, gHacks, for this very useful article.

Source:

http://www.ghacks.net/2015/03/29/malwarebytes-hijack-securityrun-hits-explained/?_m=3n%2e0038%2e1562%2ehj0ao01hy5%2e1m9f
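Since Malwarebytes does not show the full path, the rules can also be listed straight from the registry with their security level before deciding whether to remove them. The PowerShell below is an added example, not code from the ghacks article or from Malwarebytes; it only reads, it assumes the rules are stored under the standard Software Restriction Policies key (`Safer\CodeIdentifiers`, per machine and per user), and the function name `Get-SrpRule` is made up for illustration.

```powershell
# Read-only listing of Software Restriction Policy "Additional Rules".
# Assumption: rules are stored under the standard SRP policy key, per machine and per user.
$roots = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers',
         'HKCU:\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers'

# Level subkey names (decimal) mapped to the names shown in the Group Policy Editor.
$levels = @{ '0' = 'Disallowed'; '131072' = 'Basic User'; '262144' = 'Unrestricted' }

function Get-SrpRule {   # hypothetical helper name
    foreach ($root in $roots) {
        if (-not (Test-Path $root)) { continue }   # no SRP configured in this hive
        foreach ($levelKey in Get-ChildItem $root -ErrorAction SilentlyContinue) {
            $levelName = $levels[$levelKey.PSChildName]
            if (-not $levelName) { $levelName = "Level $($levelKey.PSChildName)" }
            # Each level holds rule-type subkeys (Paths, Hashes, UrlZones),
            # and each rule is a GUID-named subkey below its type.
            foreach ($typeKey in Get-ChildItem $levelKey.PSPath -ErrorAction SilentlyContinue) {
                foreach ($ruleKey in Get-ChildItem $typeKey.PSPath -ErrorAction SilentlyContinue) {
                    $p = Get-ItemProperty $ruleKey.PSPath
                    $item = $p.ItemData
                    # Hash rules store ItemData as bytes; show them as hex.
                    if ($item -is [byte[]]) {
                        $item = -join ($item | ForEach-Object { $_.ToString('x2') })
                    }
                    [pscustomobject]@{
                        Level       = $levelName
                        Type        = $typeKey.PSChildName
                        Target      = $item              # path, hash or zone the rule applies to
                        Description = $p.Description
                        RegistryKey = $ruleKey.Name      # full key path of the rule
                    }
                }
            }
        }
    }
}

# Disallowed rules first: these are the ones that block a program from running.
Get-SrpRule | Sort-Object Level, Target | Format-List
```

Run it from an elevated PowerShell prompt so the machine-wide key is readable; an empty result means no additional rules are set.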

