Malicious command line detected
Hi. I just got a new laptop yesterday and installed bitdefender. Every single time I log in I get a "disinfection in progress" then the below critical error. Does anyone have any idea what this is? It's quite frustrating so I want to be able to fix it. I ran system scans and it showed nothing (as it says it's now safe on the error), I downloaded and ran an adwcleaner scan and nothing.
The app C:\Windows\SysWOW64\reg.exe was passed a malicious command line and has been blocked. Your device is now safe. Command line: "C:\Windows\SysWOW64\reg.exe" add HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v "Intel Management Engine Components 1060723391" /t REG_SZ /d "wscript.exe /t:30 /nologo /e:jscript \"C:\ProgramData\Intel\Intel(R) Management Engine Components\Intel MEC 4168515834\" \"C:\ProgramData\Intel\Intel(R) Management Engine Components\" 1593577088" /f
Answers
-
Hi Andrewcfc87,
Welcome to the site!
It is not normal that a new laptop you bought yesterday has such issues.
Is it a brand new computer with a new O.S. installed? Fresh and virgin? Or not? Is it free from malware?
You had better ask the seller what is going on.
You could ask the experts there for help:
Regards,
L.
AMD Ryzen 7 5800X3D 8-Core Processor 3.40 GHz 32.0 GB [Bitdefender Internet Security + VPN]
0 -
It is a brand new laptop, yes. Do you know what type of thing usually causes this error? I'm not very computer savvy. I just downloaded a malwarebytes checker and a few things came up as malware - RiskWareMisusedLegit.E ?
0 -
No I do not know.
I do not think the Malwarebytes software would have brought a malicious gimmick into your operating system.
Did you download the original Malwarebytes?
Anyway, you had better ask the experts as mentioned in the previous post.
Good evening,
L.
AMD Ryzen 7 5800X3D 8-Core Processor 3.40 GHz 32.0 GB [Bitdefender Internet Security + VPN]
0 -
The error message you're encountering with Bitdefender indicates that it successfully blocked a potential threat targeting your new laptop. Here's a breakdown of the message and potential solutions:
Error Message:
The app C:\Windows\SysWOW64\reg.exe was passed a malicious command line and has been blocked. Your device is now safe. Command line: "C:\Windows\SysWOW64\reg.exe" add HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v "Intel Management Engine Components 1060723391" /t REG_SZ /d "wscript.exe /t:30 /nologo /e:jscript "C:\ProgramData\Intel\Intel(R) Management Engine Components\Intel MEC 4168515834" "C:\ProgramData\Intel\Intel(R) Management Engine Components" 1593577088" /f
What it means:
- An application (reg.exe) tried to add a suspicious entry to your registry (the Windows configuration database).
- This entry would attempt to run a wscript.exe file located in the Intel Management Engine Components directory.
- Bitdefender successfully identified and blocked this malicious attempt, protecting your device.
Possible causes:
- Malicious software: Malware might have tried to use the above command to gain persistence on your system.
- Vulnerability in Intel Management Engine: A potential vulnerability in this software could have been exploited.
- False positive: Although less likely, this could be a case where Bitdefender misidentified a legitimate process.
Recommendations:
- Keep Bitdefender updated: Ensure you have the latest virus definitions and software updates for Bitdefender to maintain optimal protection.
- Check additional scans: While your existing scans haven't shown anything, consider running a full system scan with Bitdefender and a dedicated anti-malware tool like Malwarebytes to double-check for threats.
- Update Intel Management Engine: Visit the Intel website and download the latest drivers and updates for your specific Management Engine version. This can address any security vulnerabilities.
- Monitor for recurring issues: If the error persists, contact Bitdefender support by visiting https://www.bitdefender.com/consumer/support/ for further assistance. They can help analyze the specific logs and provide more tailored advice.
Additional notes:
- While Bitdefender blocked the threat, it's always a good practice to be cautious and avoid clicking on suspicious links or downloading unknown files.
- Consider enabling additional security features in Bitdefender, such as real-time protection and website filtering, for enhanced protection.
Regards
Life happens, Coffee helps!
Show your Attitude, when you reach that Altitude!
Bitdefender Ultimate Security Plus (user)
0
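An added example, not part of any post in this thread and not Bitdefender's detection logic: a small triage script that splits the blocked command line from the alert using simplified Windows quoting rules and reports which traits of the `reg add` mark it as autostart persistence. The function names, finding labels and the benign sample are assumptions made for this illustration.

```python
import re

# A run of backslashes before a quote | whitespace | any other text.
TOKEN = re.compile(r'(\\*)"|([ \t]+)|(\\+|[^\\" \t]+)')

def split_windows_cmdline(cmd):
    """Simplified CommandLineToArgvW rules: 2n backslashes + quote = n backslashes and
    a quote delimiter; 2n+1 backslashes + quote = n backslashes and a literal quote."""
    args, cur, in_q = [], None, False
    for bs, ws, text in (m.groups() for m in TOKEN.finditer(cmd)):
        if ws is not None and not in_q:      # unquoted whitespace ends the argument
            if cur is not None:
                args.append(cur)
            cur = None
        elif bs is not None:
            cur = (cur or "") + "\\" * (len(bs) // 2)
            if len(bs) % 2:
                cur += '"'                   # escaped quote is data
            else:
                in_q = not in_q              # bare quote toggles quoting
        else:
            cur = (cur or "") + (ws or text)
    return args + ([cur] if cur is not None else [])

RUN_KEY = re.compile(r"\\CurrentVersion\\Run(Once)?$", re.I)
CHECKS = [  # (hypothetical finding label, pattern applied to the /d autostart value)
    ("script-host-autostart", re.compile(r"\b(wscript|cscript|mshta)(\.exe)?\b", re.I)),
    ("explicit-script-engine", re.compile(r"/e:\w+", re.I)),  # engine named on the command line
    ("payload-under-programdata", re.compile(r"\\ProgramData\\", re.I)),
]

def analyze_reg_add(cmd):
    """Return findings for a `reg add` that writes a Run/RunOnce autostart value."""
    argv = split_windows_cmdline(cmd)
    if (len(argv) < 3 or not re.search(r"(^|\\)reg(\.exe)?$", argv[0], re.I)
            or argv[1].lower() != "add" or not RUN_KEY.search(argv[2])):
        return []
    data = {a.lower(): v for a, v in zip(argv[3:], argv[4:])}.get("/d", "")
    return ["run-key-write"] + [name for name, rx in CHECKS if rx.search(data)]

# Command line from the alert in the first post (raw strings keep \" as posted).
ALERT = (r'"C:\Windows\SysWOW64\reg.exe" add HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run '
         r'/v "Intel Management Engine Components 1060723391" /t REG_SZ /d "wscript.exe /t:30 '
         r'/nologo /e:jscript \"C:\ProgramData\Intel\Intel(R) Management Engine Components\Intel '
         r'MEC 4168515834\" \"C:\ProgramData\Intel\Intel(R) Management Engine Components\" '
         r'1593577088" /f')
# Constructed benign autostart entry for comparison (not from the thread).
BENIGN = (r'reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v Updater '
          r'/d "\"C:\Program Files\Example\updater.exe\" /min" /f')
```

`analyze_reg_add(ALERT)` returns all four findings, while the constructed benign entry returns only `run-key-write`, which is the difference between an ordinary autostart value and one that launches a script host against an extensionless file under `C:\ProgramData`.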