MBAM detecting WinPatrol registry key as an infection.

Status
Not open for further replies.

_MS_

Level 1
Thread author
Oct 13, 2011
20
3fa301233c.png
 
D

Deleted member 178

i have Winpatrol installed in my machine, but im on a x64 system, and i checked my registry, and i don't have this reg key at this location. delete it by MBAM and see if winpatrol still function.
 

McLovin

Level 78
Verified
Honorary Member
Malware Hunter
Apr 17, 2011
9,228
Ahh, okay. Well I would say it is only a false positive.
 

bogdan

Level 1
Jan 7, 2011
1,362
The keys created in HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options allow the redirection of the excution of one application to another. Both malware and legit apps use those keys, for example third party task managers like Process Hacker and Process Explorer use them to replace the Windows Task Manager.
 

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
It happened to me before, but not in MBAM FP and its through other on demand scanner that detected it. Since I configured Process Hacker to make it default as task manager.

Its pretty normal as long its a legit application.
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top